Secure IoT networks, not the devices
24 May 2017
With networking professionals unable to trust the security of Internet of Things (IoT) devices, Cisco says they should focus on implementing network-based security protections that limit the blast radius of IoT security breaches.
Cisco has unveiled a new package named IoT Threat Defense at the company’s IoT World Forum in London.
IoT Threat Defense combines seven separate offerings, including the network-segmentation rule creator TrustSec, the network behaviour analytics platform Stealthwatch and a device-visibility offering named Cisco Identity Service Engine.
Cisco’s basic IoT security premise is that internet-connected devices cannot be trusted as secure. It says some device manufacturers are building security protections into devices, but that process is taking years to implement.
To protect IoT deployments, Cisco recommends that customers isolate the devices on network segments. Traditional segmentation using VLANs can become complicated at IoT-deployment scale, though, Cisco says.
Cisco’s TrustSec platform includes network segmentation capabilities. “The logical move is to segment these devices to put them out of attackers’ reach,” Cisco says. “If devices are compromised, organisations can prevent them from being used as pivot points to move through the network, and to activate incident response processes to protect the business.”
IoT Threat Defense can detect anomalies in network traffic, block certain traffic and identify infected hosts. Cisco is targeting initial use cases in the medical, power utilities and automated manufacturing industries.
While TrustSec and the other offerings that make up IoT Threat Defense are not new, Cisco is offering them as a bundled package specifically targeting IoT use cases. Cisco expects IoT Threat Defense to be available beginning in June; it did not release pricing information.
IDC predicts the number of IoT endpoints will balloon from 14.9 billion at the end of 2016 to 50 billion by 2020 and up to 82 billion by 2025.
Despite the plethora of IoT devices already in the market, Cisco says enterprises still struggle with implementing IoT projects: A survey the company released at IoT World Forum says 60% of IoT projects stall at the proof-of-concept phase. Of projects that were completed, users deemed only one-quarter of them a success.