The number one reason that the organizations I talk to are so eager to digitize their environments? Data. There is so much rich data at the edge of the network – at that IoT edge. Organizations want to leverage that data to gain a competitive advantage – including utility operators such as Finland’s Turku Energia which use that rich data to more effectively manage their grid in the face of cyber threats or mining companies such as Sweden-based Boliden that are digitizing their entire underground operations so that workers can excavate remotely, out of harm’s way.
Given these environments, I’m sure you won’t be surprised that the number one concern is risk. When it comes to digitization, it’s increasingly cybersecurity risk. Any potential security breach in operational settings can bring down production lines, utility grids, complex roadways, and more. When lives are at stake, that’s not a risk that a leader wants to take. While the communication network has always been the backbone for IT, it is becoming foundational for operational environments where customers require real-time access to machine data.
But why is it so risky? One of the biggest reasons is that it’s been nearly impossible to know what is out there in those vast operations. I have never talked to a customer who says “I know 100% of my devices and industrial controls.” Industrial environments have been operational for decades, grown to meet demand and through mergers and acquisitions. There’s a mix of legacy and IP-based equipment that customers don’t want to touch for the fear of disrupting current operations.
A Vast New Threat Landscape
And even more – this new threat landscape isn’t just vast in terms of scale and physical distances. It’s a heterogeneous environment running a variety of industry-specific protocols, making it nearly impossible to extract machine data and securely deliver the right data to applications in multi-cloud destinations. It’s also a world of flat, unmanaged legacy networks that allow unfettered propagation of threats across operational environments, causing system downtime, increasing risks to people, and the industrial processes.
To start to manage cyber risks in the operational environments, customers need to start with an accurate inventory and baseline communication patterns with the fear of breaking something that is working today.
Introducing Comprehensive Industrial IoT Security and Cisco Cyber Vision for OT visibility
And that’s exactly what Cisco is delivering with our new comprehensive IoT security architecture that provides enhanced visibility, analytics, automation, and security across the branch, campus, data center, and into these operational environments. Organizations will gain:
- Common visibility and analytics spanning OT and IT: Cisco Cyber Vision automates visibility of industrial devices, secures operational processes, and reduces risk of cyber threats. No longer do you need to inventory assets via clip boards.
- Integration with Cisco’s security portfolio: Cisco Cyber Vision provides device identity to define and enforce policy using granular segmentation via with ISE, as well as asset names and device details for Cisco Stealthwatch to detect anomalies and alert IT.
- Simplicity and automation: Now, organizations can use the tool sets and capabilities that IT has experience with and has already deployed in the enterprise, strengthened by Cisco Cyber Vision.
Now that it’s secure, collecting data becomes a reality
The benefits of edge computing are clear: reduce need to backhaul data and save money, process data closer to where it is being produced, and only bring back what is need. Now that you’ve connected your industrial assets and secured the processes, gathering that data is feasible.
But, I often hear customers lament that current approaches require custom software and integrations of technologies from multiple vendors both on the IT and OT side. These projects quickly become overwhelmingly complex to deploy and manage. These solutions are further challenged with no easy way to control what data is delivered to specific applications running in modern multi-cloud (public, private, and hybrid) environments.
Cisco Edge Intelligence is a new software offering that allows operators to quickly and easily create data flows that deliver data from the IoT edge to multi-cloud destinations reliably and securely. Like Cisco Cyber Vision, it is a software service deployed on Cisco’s IIoT Networking portfolio for easy, out-of-the box deployments.
Cisco Edge Intelligence gives organizations ownership and control over their data so they can make better decisions to improve the success and competitiveness of their organization via:
- A set of connectors that allow you to extract the data trapped in your machines
- Developer-friendly tools to perform edge analytics for your operations
- The ability to govern the logical flow of IoT data at a granular level before it leaves the operational environment
- Pre-integration with application and platform partners to easily share data from edge to multi-cloud destinations
- Simplified user experience and centralized management for scalability for operational users
Only Cisco is able to provide this comprehensive that brings together data, insights, and context from OT to detect vulnerabilities and intrusions, prevent malware propagation, and identify modifications to industrial assets to speed remediation.