|Cisco is not the only provider of security and networking software geared towards IoT / Photo Credit: BeeBright (via Shutterstock)|
Michael Vizard of cybersecurity news website Security Boulevard wrote that Cisco announced a security architecture for IoT environments based on multiple IoT technologies the firm acquired the past year. These technologies are augmented by Talos security monitoring software and services from Cisco itself. Announced at the Cisco Live! event in Barcelona, Cisco Cyber Vision promised to provide a set of software and services to allow anomalies and threats to IoT assets to be detected in real-time. Director of IoT at Cisco Joe Malendant said organizations are finding ways to extend visibility across networks that are composed of a diverse number of protocols being added to connected devices that are operating a wide range of operating system software. This rationale is driven by the convergence of IT and operational networks in the IoT age.
Cisco Cyber Vision analyzes traffic from connected assets. It formulates segmentation policies that are applied with Cisco Identity Services Engine (ISE) and Cisco DNA Center, a network management platform, to mitigate movements of security risks across IoT architectures. Cisco Cyber Vison also leverages Cisco Edge Intelligence software to obtain data at the network edge. For Malenfant, this eliminates the need for the firm’s customers to develop a separate platform to manage their IoT environments. Securing IoT environments may be harder since cyberattacks against any specific platform “tend to be highly crafted.” Further, most enterprises don’t have a central repository to track the location of their internet-connected devices.
Alarmingly, many of the attacks that are targeted towards IoT devices are orchestrated by nation-states to cripple critical industrial control systems, for instance. Organizations will need a security architecture capable of extracting actionable intelligence in real-time that includes the type of attack and the device’s location.
On the other hand, Malenfant recommended that companies apply the best DevSecOps practices to their IoT environments. Many applications at the edge would be more secure if developers embedded controls in the applications as soon as they are built and deployed. This would make it easier to integrate platforms like Cisco Cyber Vision, Malenfant explained.
Cisco is not the only provider of security and networking software geared towards IoT. Hence, it is important for firms to determine which vendor to rely on and how to align their internal culture to address IoT security challenges.