Cisco says It Will Make The IoT Safe

Cisco Systems is making a play for the fundamental process of putting IoT devices online, promising greater ease of use and security as enterprises prepare to deploy potentially millions of connected objects.

Thanks to a dominant position in Internet Protocol networks, Cisco can do what no other company can: Change networks that were not designed for IoT in order to pave the way for a proliferation of devices, said Rowan Trollope, senior vice president and general manager of the IoT & Applications Group.

“The Internet as we know it today, and the network that you operate, will not work for the Internet of Things,” Trollope said in a keynote presentation at the Cisco Partner Summit in San Francisco recently. “We can solve that problem because we own the network.”

At the heart of this ambitious initiative is security, a theme that’s prominent throughout the summit in San Francisco, where the plan was announced.

Competition is heating up in the potentially lucrative area of orchestrating IoT rollouts and security. Just last week, chip design company ARM introduced its med Cloud service and said it was best equipped to lock down the internet of things because most IoT devices use ARM chips.

Within the next year, Cisco will launch a program to certify IoT devices as compatible with its network-based software. Among other things, the software should be able to automatically authorise these devices on a “white-list” basis, allowing only endpoints that are safe instead of trying to find and block those that are not. Devices themselves will play a role here, telling the network what kinds of things they should be able to do, such as only connecting to the home server for the service it provides.

This approach might help to prevent devastating events like the recent Mirai botnet attack that employed thousands of insecure internet-connected cameras.

But the IoT onboarding and management capabilities go beyond security to include automation of other tasks like network configuration that administrators would otherwise have to do.

“There aren’t enough people on Earth to run the network the way it’s being run today, when you look at the scale of the internet of things,” Trollope said during a media briefing after his keynote presentation.

To make this possible, Cisco is using capabilities from Jasper Technologies, the IoT connectivity company it acquired in February. They’ve gone into DNA (Digital Network Architecture), Cisco’s blueprint for building automated and virtualized networks.

The company’s partnership with Apple is an early example of what it can do to help secure and manage devices on Cisco networks, Trollope said.

Asked how much Cisco can accomplish as one company, albeit one that’s pervasive in IP networks, Trollope said it hopes to get some of these capabilities standardized. Specifically, it’s helping to push MUD (Manufacturers Usage Description) through the Internet Engineering Task Force. But because Cisco can work faster than a standards body, it will deploy the technology ahead of time, he said.

Don’t expect all this overnight, though. It could take a long time before most devices are equipped to participate. The key to that part of it will be chip companies, which could save manufacturers a lot of work by building in the technology, Trollope said.

ComputerWorld:                A Strategic Company: The Internet of Things & How ARM Fits In:

 

« Securing Data in the Cloud
How Businesses Can Prevent Point-of-Sale Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Northbridge Insurance

Northbridge Insurance

Northbridge is a leading Canadian business insurance provider. Services offered include Cyber Risk insurance.

Secardeo

Secardeo

Secardeo is a provider of corporate solutions using digital signatures and certificates. Our solutions enable the user transparent end-to-end encryption of e-mails between organizations.

Advanced Systems International SAC

Advanced Systems International SAC

Advanced Systems international is a global company dedicated to data security software design, development, support, and licensing.

Zecurion

Zecurion

Zecurion data loss prevention (DLP) solution is an easy-to-use solution for securing confidential data at rest and in motion.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

NSEIT

NSEIT

NSEIT offers end-to-end Information Technology products, solutions and services including cybersecurity to organizations in the financial sector.

3Elos

3Elos

3Elos operates in the Information Technology market with a focus on research, development, consulting, marketing and implementation of Information Security solutions.

Beosin

Beosin

Beosin is a blockchain security company providing cybersecurity services including security audits, on-chain asset investigation, threat intelligence and wallet security.

Solidified

Solidified

Solidified is the largest audit platform for smart contracts. Our community has the highest concentration of top Blockchain security specialists and best-in-class code auditors.

Sparrow

Sparrow

Sparrow specializes in application security testing solutions to cope with new technology trends such as cloud, mobile, and DevSecOps.

SubCom

SubCom

How Much Do You Trust Your Endpoint? With our ‘Habituation Neural Fabric’ based endpoint security platform, you can observe and manage the Trust Score of your endpoints in real-time.

Block Harbor Cybersecurity

Block Harbor Cybersecurity

Block Harbor has worked closely with automakers, suppliers, and regulators since 2014 on vehicle cybersecurity.

B2Bcert

B2Bcert

B2BCERT one of the top companies offering ISO 9001, ISO 14001, ISO 45001, ISO 22000, ISO 27001, ISO 20000,CE Marking, HACCP, and other globally accepted standards and Management solutions.

BJSS

BJSS

BJSS is an award-winning technology and engineering consultancy for business.

CIP Cyber

CIP Cyber

CIP Cyber is an online learning community with a mission of connecting, training, and certifying cybersecurity professionals to protect critical infrastructure.

EmberOT

EmberOT

EmberOT is at the forefront of operational technology (OT) security, offering cutting-edge solutions designed to protect critical infrastructure within energy, utilities, and manufacturing sectors.