IoT
5/26/2017
10:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Cisco Launches IoT Threat Defense to Secure IoT Devices

London, May 23, 2017 – By 2020, Cisco (NASDAQ: CSCO) expects up to 50 billion connected devices to be in play, signaling a critical mass in achieving the promise of the Internet of Things (IoT). Today, Cisco takes a leading role in securing that promise – and offsetting risk – with the introduction of Cisco® IoT Threat Defense. This broad architectural and services solution segments devices on the network to provide adaptable, extensible protection for organizations at IoT scale. The first use of IoT Threat Defense is to secure vital services in advanced medical care, power generation and delivery, and automated manufacturing.

Escalation of Cyberattacks Can Cripple Vital Services

The escalation of ransomware and other malware events in the past year reveals that organizations are even more critically exposed, reflecting a long-held concern that “it’s not if but when” a business may fall victim to costly cyberattacks. The Cisco 2017 Annual Cybersecurity Report notes that CISOs find attacks can impact operations, reputation, and revenue. At stake is unauthorized access to networks, data and IP loss, and business shutdown.

These issues are compounded for those in manufacturing, with IT and OT challenges in how businesses securely connect devices, protect plant operations, and maintain functionality and uptime. While many device manufacturers are building in cybersecurity, implementation can take years. The logical move is to segment these devices to put them out of attackers’ reach. If devices are compromised, organizations can prevent them from being used as pivot points to move through the network, and to activate incident response processes to protect the business.

Segmentation Clears Obstacles to Securing the IoT

Organizations face two major hurdles in securing the IoT. First, most IoT devices can’t protect themselves. The resulting vulnerabilities create ample opportunities for attackers to exploit those devices and gain network access. The second complicating factor is scale, as businesses will be expected to connect billions of devices in the next few years.

Network segmentation is not new. Virtual Local Area Networks (VLANs) have been in use for decades. But the sheer scale of the IoT makes creating enough VLANs impractical, if not impossible.

Cisco has led the market in designing, deploying, and securing networks for over 25 years. It continues to build the equipment, invent the technologies, and develop the standards that help make the Internet possible. Cisco invented TrustSec, an extensible, automated, policy-based technology to solve problems of secure segmentation at scale for the IoT. It is supported across a range of Cisco equipment – ruggedized or non-ruggedized, from the data center to the factory floor.

IoT Solution Includes Best-of-Breed Threat Defense Architecture Over Point Products

In addition to the use of network segmentation to securely scale to meet the escalating needs of the IoT, Cisco IoT Threat Defense is built as a best-of-breed architecture, featuring a strong cast of integrated, trusted Cisco security capabilities:

  • Network segmentation (Cisco TrustSec®)
  • Network behavior analytics (Cisco Stealthwatch)
  • Device visibility (Cisco ISE)
  • Remote access (Cisco AnyConnect®)
  • Cloud security (Cisco Umbrella™)
  • Malware protection (Cisco AMP)
  • Firewall (Cisco Firepower® NGFW)

This architecture provides visibility and analysis of traffic to and from IoT devices, as well as traffic entering and exiting the enterprise to detect threats and compromised hosts. It can detect anomalies, block threats, identify compromised hosts, and help mitigate user error. Additionally, it can secure remote access between sites and between organizations.

Cisco Security Services adds deep expertise to enable organizations to have more effective security – from medical facilities treating patients, to plant operations using assembly lines, to power companies connecting to the electrical grid. The team offers an array of services to meet a customer’s needs, preferences and requirements of industrial networks, beginning with a risk assessment. Advisors will help design, deploy and operate a segmentation framework that considers identity and trust, visibility, policy enforcement, availability, and application interdependencies. Incident readiness and response services allow customers to respond to attacks and reduce damage, exposure, and network downtime.


For more information about Cisco IoT Threat Defense, click here.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Yahoo Class-Action Suits Set for Settlement
Dark Reading Staff 9/17/2018
RDP Ports Prove Hot Commodities on the Dark Web
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: In Russia, application hangs YOU!
Current Issue
Flash Poll
How Data Breaches Affect the Enterprise
How Data Breaches Affect the Enterprise
This report, offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future. Read the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-3912
PUBLISHED: 2018-09-18
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.
CVE-2018-6690
PUBLISHED: 2018-09-18
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.
CVE-2018-6693
PUBLISHED: 2018-09-18
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escal...
CVE-2018-16515
PUBLISHED: 2018-09-18
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.
CVE-2018-16794
PUBLISHED: 2018-09-18
Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.