May 24, 2017
Cisco this week launched Iot Threat Defense, and architectural and services offering that it said segments devices on the network to provide adaptable, extensible protection for organizations at IoT scale. The first use of IoT Threat Defense will be to secure vital services in advanced medical care, power generation and delivery, and automated manufacturing.
According to the company, the escalation of ransomware and other malware events in the past year reveals that organizations are even more critically exposed, reflecting a long-held concern that “it’s not if but when” a business may fall victim to costly cyberattacks.
The Cisco 2017 Annual Cybersecurity Report notes that chief information security officers (CISOs) find attacks can impact operations, reputation, and revenue. At stake is unauthorized access to networks, data and IP loss, and business shutdown.
“These issues are compounded for those in manufacturing, with IT and OT challenges in how businesses securely connect devices, protect plant operations, and maintain functionality and uptime,” Cisco said in a release.
‘While many device manufacturers are building in cybersecurity, implementation can take years. The logical move is to segment these devices to put them out of attackers’ reach. If devices are compromised, organizations can prevent them from being used as pivot points to move through the network, and to activate incident response processes to protect the business.”
Organizations, it added, face two major hurdles in securing the IoT. First, most IoT devices can’t protect themselves. The resulting vulnerabilities create ample opportunities for attackers to exploit those devices and gain network access. The second complicating factor is scale, as businesses will be expected to connect billions of devices in the next few years.
“Network segmentation is not new. Virtual Local Area Networks (VLANs) have been in use for decades. But the sheer scale of the IoT makes creating enough VLANs impractical, if not impossible.
Cisco IoT Threat Defense includes:
Network segmentation (Cisco TrustSec)
Network behavior analytics (Cisco Stealthwatch)
Device visibility (Cisco ISE)
Remote access (Cisco AnyConnect)
Cloud security (Cisco Umbrella)
Malware protection (Cisco AMP)
Firewall (Cisco Firepower NGFW)
“This architecture provides visibility and analysis of traffic to and from IoT devices, as well as traffic entering and exiting the enterprise to detect threats and compromised hosts,” Cisco said. “It can detect anomalies, block threats, identify compromised hosts, and help mitigate user error. Additionally, it can secure remote access between sites and between organizations.”