Content, IoT

IoT Security: Cisco Serves up Architecture, Services Framework

Marc Blackmer of Cisco Systems. He’s an Internet of Things expert.

Given IT’s inexorable, near lockstep march to embrace the Internet of Things (IoT), it’s not devices but security that’s risen to top-of-mind. Without equivocation, IoT security is the most pressing issue facing device makers, developers, security specialists and, inevitably, MSSPs.

Cisco, credited with coining the next-gen term Internet of Everything, has served up what it’s calling the IoT Threat Defense, an “architectural and services solution” that’s essentially a package of existing products and services to help segregate critical systems in vulnerable industries.

The underlying thinking -- in what Cisco called a “logical move” that builds on virtual LANs -- is to segregate IoT devices beyond the reach of cyber attackers to prevent them from being used as “pivot points” to circumnavigate networks.

IoT Security: Device Makers, Vertical Markets

In a nod to device makers baking in cybersecurity to their devices, Cisco contends that implementation of self-protecting things won’t happen anytime soon, hence the need for a solution founded on system architecture and services.

Much to its credit, Cisco has targeted the initial implementations of the IoT Threat Defense at susceptible services in advanced medical care, power generation and delivery, and automated manufacturing, calling out, in particular, ransomware’s potential for severe injury in those industries.

Cisco's IoT Threat Defense has as its foundation a number of the vendor’s current security capabilities, including its TrustSec, Stealthwatch, Identity Service Engine (ISE), AnyConnect, Umbrella, Advanced Malware Protection (AMP) and Firepower NGFW. Those services span network segmentation, behavior analytics, device visibility, remote access cloud security, malware protection and firewall.

To help organizations with implementation, Cisco’s security services unit has at the ready an assortment of tools that include risk assessment and assistance with solution design, deployment and operating a segmentation framework. According to Cisco, the team will help customers understand how the solution considers identity and trust, visibility, policy enforcement, availability and application interdependencies. The offer also includes incident readiness and response services.

Cisco IoT Threat Defense: Marc Blackmer Weighs In

Marc Blackmer, a Cisco product marketing manager in its Industry Solutions unit, said in a blog post that the vendor has “invented an extensible, automated, policy-based technology to solve the problem of secure segmentation at scale for the IoT.”

The platform, he said, addresses the two most nettlesome IoT security issues - the devices can’t yet protect themselves, and, as businesses connect billions of devices in the next few years, scale will become an overriding factor.

Still, Blackmer said Cisco is well aware that the “last thing operators of critical networks want to hear about is automated cybersecurity,” particularly for industrial control environments.

Nonetheless, despite technical improvements in IoT security, “the human factor is the most important,” he wrote.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.