internet of things (iot) security - cisco.com internet of things (iot) security: understanding the...

Internet Of Things (IoT) Security: Understanding The Challenges While Mitigating the Risks
Demetris Booth, APJC Lead – Product Management & Product Marketing

Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Agenda
• Overview & Benefits
• Security Challenges
• Mitigating Challenges • High Level View
• Technical View
• Bringing It All Together

7.2 6.8 7.6 World Population
Adoption rate of digital infrastructure:
5X faster than electricity and telephony
50 Billion
“Smart Objects”
50
2010 2015 2020
0
40
30
20
10 B ill
io n s o
f D
e v ic
e s
25
12.5
Inflection point
Timeline
IoT Is Here Now – and Growing!

Relation to Internet of Everything (IoE)
IoE
Connecting people in more relevant, valuable ways
People
Leveraging data into more useful information for decision making
Data
Delivering the right information to the right person (or machine) at the right time
Process
Physical devices and objects connected to the Internet and each other for intelligent decision making
Things
Networked Connection of People, Process, Data, Things
IoE: Connecting the Unconnected to Generate Business Value

IoT Delivers Extraordinary Benefits

What Comprises IoT Networks?
Information Technology
(IT)
Operational Technology
(OT)
Smart Objects
7

Smart City
Safety, financial, and environmental benefits
 Reduced congestion
 Improved emergency services response times
 Lower fuel usage
 Increased efficiency
 Power and cost savings
 New revenue opportunities
 Efficient service delivery
 Increased revenues
 Enhanced environmental monitoring capabilities
8

The Connected Car
Actionable intelligence, enhanced comfort, unprecedented convenience
 Online entertainment
 Mapping, dynamic re-routing, safety and security
 Transform “data” to “actionable intelligence”
 Enable proactive maintenance
 Collision avoidance
 Fuel efficiency
 Reduced congestion
 Increased efficiency
 Safety (hazard avoidance)
9

Big Data Becomes Open Data for Customers, Consumers to Use
More Important
Less Important
01010100101010101010101010101
01010101010001010100101010101
01110101010101010101
IoT Transforms Data into Wisdom
Wisdom (Scenario Planning)
Data
Information
Knowledge
10

… but it also adds complexity.
Application Interfaces
Infrastructure Interfaces
New Business Models Partner Ecosystem
Applications
Unified Platform
Infrastructure
11

… but it also adds complexity.
Applications
Device and Sensor Innovation
Unified Platform
Infrastructure
APPLICATION ENABLEMENT PLATFORM
APPLICATION CENTRIC INFRASTRUCTURE
APPLICATION AND BUSINESS INNOVATION
Data Integration Big Data Analytics Control Systems Application
Integration
12

The Flip Side: Major Security Challenges

We’ve Created the Perfect Storm…
> Device Explosion
> Connectivity Explosion
> State Cyber Programs
> Industrialization of Hacking
> “Hactivism”
+
+
+
+
=

Traditional Security Challenges
Increased Attack Surface
Information Breach
Data Privacy
Smart Objects
Devices
Per Person
Sensors
Per Person
6
130
Security Challenges

Superior Visibility
Advanced video analytics, remote management, and multi-site event correlation
Granular Control
Differentiated policy enforcement across the extended network
Advanced Threat Protection
Comprehensive cyber security threat detection and mitigation
Actionable Intelligence
Internetworked security solutions for superior intelligence and rapid response
Automated Decisions
Machine-to-machine enabled security control with no human intervention required
IoT Security Challenges

IoT Expands Security Needs
IoT CONNECTIVITY
Converged, Managed Network
Resilience at Scale Security Application Enablement
Distributed Intelligence
New Applications
Threat Diversity
Impact and Risk
Remediation
Protocols
Compliance and Regulation
17

Mitigating The Security Risk Across the Extended Network – The 20,000 FT View

IT and OT are Inherently Different
 IT  OT
• Connectivity: “Any-to-Any”
• Network Posture: Confidentiality, Integrity, Availability (CIA)
• Security Solutions: Cybersecurity; Data Protection
• Response to Attacks: Quarantine/Shutdown to Mitigate
• Connectivity: Hierarchical
• Network Posture: Availability, Integrity, Confidentiality (AIC)
• Security Solutions: Physical Access Control; Safety
• Response to Attacks: Non-stop Operations/Mission Critical – Never Stop, Even if Breached
19

IT/OT Converged Security Model
20
IT
DMZ
OT
Enterprise Network
Supervisory
Demilitarised Zone
Automation & Control
Id e
n ti
ty S
e rv
ic e
s
C lo
u d
N e
tw o
rk S
e c
u ri
ty
S e
c u
re A
c c
e s
s
A p
p li
c a
ti o
n C
o n
tr o
l
C o
n fi
g
M g
m t

The Secure IoT Architecture – IT Plus OT!
Services
Applications
Device and Sensor Innovation
Application Enablement Platform
Application Centric Infrastructure
Security
APPLICATION AND BUSINESS INNOVATION
Data Integration
Big Data Analytics Control Systems
Application Integration
Network and Perimeter Security
Physical Security
Device-level Security /
Anti-tampering
Cloud-based Threat Analysis /
Protection
End-to-End Data Encryption
Services
21

Cisco Security Model
Attack Continuum
Network Endpoint Mobile Virtual Cloud
Point in time Continuous
Detect
Block
Defend
DURING BEFORE Control
Enforce
Harden
AFTER Scope
Contain
Remediate

Security/Attack Continuum - IT
Detect
Block
Defend
DURING BEFORE Control
Enforce
Harden
AFTER Scope
Contain
Remediate
Cloud-based threat
detection and
prevention; policy
enforcement via
firewall, V

internet of things (iot) security - cisco.com internet of things (iot) security: understanding the...

Documents