IoT technology is enriching our critical infrastructure, including water management, energy distribution, and transportation. This technology makes our lives easier but can also leave us vulnerable to cyberattacks. Cisco has developed tools to help assess and manage IoT risk.
There was a time when a traffic light was just a traffic light. Today it's a smart device connected to a citywide network that knows how bad road congestion is three blocks ahead and makes decisions accordingly. It now may also be a vector for cyberattacks. It's one example of a massive upgrade to our critical infrastructure that promises to make life more efficient but also comes with its share of risks. Across the US, organizations are upgrading critical infrastructure that keeps society safe and functional. Thanks to the Internet of Things, or IoT, static and disconnected devices are becoming dynamic and connected. Our cities are inflection points for this modernization. They're coping with growing population pressure by transforming critical systems including water management, energy distribution, and transportation. The result? Street lights can now sense people moving underneath them and dim themselves when there's no one around, saving energy. Smart energy meters balance electricity loads and encourage more efficient resource usage. And sensors monitor traffic flow, adjusting signals accordingly to reduce delays at intersections. These measures can have significant social and environmental effects. In Caldas da Rainha, Portugal, officials detected a 200,000 liter water leak using sensors connected by a Cisco-powered wireless IoT network, and have reduced water management costs by a third. But IoT networks come with significant risks. Connecting critical infrastructure to networks makes them vulnerable to cyberattacks. Critical infrastructure at risk The operational technology, or OT, systems underpinning critical infrastructure operate at a different cadence than traditional IT systems. Whereas many IT systems see security patches every month, OT devices might not be patched for years. "As many of these systems are critical to our way of life, they can't just take them offline to install a patch or reboot after an update," Vikas Butaney, VP and GM of the IoT business group at Cisco, says. "They take many hours to safely shut down and sometimes days to bring back up online." Researchers have gamed out potential attacks with frightening results. In 2018, University of Michigan researchers demonstrated how they could attack connected traffic-management systems to bring downtown traffic to a standstill. Other attacks have already happened. A 2019 ransomware attack on Norsk Hydro initially targeted its administrative IT systems but put the company into such disarray that it had to halt aluminum production, closing plants around the world. Other reports of attackers already inside the US electrical grid preceded the first disruptive cyberattack on an electrical utility in the US during the spring of 2019. Attacks against infrastructure show no signs of slowing. The World Economic Forum's 2020 Global Risk Report showed that 76.1% of people expected cyberattacks on infrastructure to increase. How cybersecurity companies can help Security companies with proven expertise in OT are helping critical infrastructure providers tackle the risks. Cisco has expertise in both OT and conventional IT systems. That's important because attackers will often use IT systems as a vector to attack OT networks. "We have developed a framework and software-based network security solution that starts with visibility and asset identification," Butaney said. "Policies can be applied, segmentation can be easily created and enforced, and ultimately continuous monitoring of the OT network can be a reality." Cisco helps critical infrastructure providers map their complex control networks using the Cisco Cyber Vision tool, which focuses on protecting a critical infrastructure provider's infrastructure without changing it. Instead of adding more appliances to a sensitive OT network, this tool catalogs its connected assets, maps its communication patterns, and discovers misconfigurations and threats. This data flows through integrations into Cisco's portfolio of security solutions. For example, Cisco Identity Services Engine, or ISE, is a security policy management platform that enforces access policies for network resources to ensure that only the right people and devices get to connect with critical infrastructure resources. Another tool in Cisco's portfolio, the Cisco ISA 3000 rugged firewall, helps protect OT networks from external threats. Specifically built for OT environments, it segments control networks and watches industrial communications protocols for signs of malicious activity. Attackers need to get lucky only once as they try to break down America's critical systems. Defenders must be successful every time. The race is now on to protect critical infrastructure from attack, and the design choices that we make now will have profound effects in the future. Find out more about how to protect your critical infrastructure from cyberattack. This post was created by Insider Studios with Cisco.Join the conversation about this story »
More like this (3)
Meet the 7 Cisco executives backing CEO Chuck Robbins as the tech giant navigates the COVID-19 crisis and the rise of the cloud (CSCO)
Cisco has reeled from the effects of the economic downturn, although it has also benefitted from...Cisco has reeled from the effects of the economic downturn, although it has also benefitted from stronger demand for networking and videoconferencing technology due to the sudden rise of the remote workforce. The Silicon Valley giant is also adapting to new enterprise trends, led by the cloud and software-defined networking. Cisco has recently reorganized its top leadership, building a team backing CEO Chuck Robbins that is also "changing the narrative around Cisco," IDC President Crawford Del Prete told Business Insider. Here are 7 top Cisco executives helping Robbins navigate the current crisis and the broader industry changes. Visit Business Insider's homepage for more stories. Like most tech companies, Cisco is navigating the uncertainty caused by the coronavirus crisis and the economic downturn. But the crisis has also turned the spotlight on Cisco's strengths as a tech powerhouse. Cisco has benefitted from the sharp pivot to remote work, which led to stronger demand for its networking products and its Webex telecommunications platform. "Overall, Cisco should be a relative 'winner' in the pivot to work from home and the emergence of a new normal," IDC President Crawford Del Prete told Business Insider. Cisco is adjusting to a new normal even as the tech giant, under CEO Chuck Robbins, adapts to broader enterprise tech trends, led by the rapid growth of the cloud. The cloud lets businesses set up networks on web-based platforms, allowing them to scale back or even abandon private data centers. Cisco is also embracing the shift toward software-defined networking, in which businesses rely less heavily on hardware by using software to operate their networks and data centers. Cisco has been reorganizing to take on these challenges, naming executives to help Robbins in "remaking the company into more of a software-defined cloud company over time," Del Prete said. The company also stands out in Silicon Valley for the diversity of its executive leadership team. Nearly half of of Cisco's top leadership are women, and nearly 40% are minorities. "I see this team as changing the narrative around Cisco," he said. "Cisco connected the world 20 years ago, now this team will not only keep the world connected, but build a strategy to make it better managed, secure, and agile. It's a cool transformation." Here are the 7 top executives, each of whom reports to Robbins, who are playing key roles in this transformation:Irving Tan is Cisco's chief operating officer Title: Chief Operating Officer Irving Tan is in charge of Cisco's operating strategy, which has become a more challenging job during the coronavirus crisis and the economic downturn. A big part of Tan's role has been to lead the the tech behemoth in the sharp pivot to remote work, making sure its 75,000 employees globally have what they need to make the transition. "How do we make our networks, our connectivity more robust, more resilient. How do we scale up much more effectively," Tan recently told Business Insider. "There's a lot of learning and it's still somewhat early days." A veteran tech executive, Tan has been with Cisco for more than a decade, taking on leadership roles in the company's operations in the Asia Pacific and Japan. Jonathan Davidson is in charge of Cisco's mass-scale infrastructure group Title: Senior Vice President for mass-scale infrastructure Jonathan Davidson leads the team that develops that key components for building a robust network, including chips, optics, hardware and software. He also plays an important role in expanding Cisco's reach in the telecommunications market where it competes with the likes of Ericcson, Huawei and Samsung especially in the battle for dominance in 5G, the next-generation networking technology that's expected to lead to faster wireless Internet connections, "I think the service provider side of the business that Jonathan leads offers tremendous growth upside for the company," Will Townsend, a senior analyst with Moor Insights & Strategy, told Business Insider. "They're going out to your service provider with 5G, and helping operators become more agile with disaggregated hardware," Townsend said. He described Davidson as "a very pragmatic leader and he brings great experience to the job." Anuj Kapur is Cisco's chief strategy officer Title: Chief Strategy Officer Anuj Kapur is Cisco's point man in defining and fine-tuning the tech giant's overall strategy, a role that has kept him busy given the dramatic changes over the past few months. The pandemic lockdown and the sudden pivot to remote work have accelerated the growth of the cloud. This has been good news for Cisco for the shift also led to stronger demand for robust networks and videoconferencing tools like its WebEx. There has been "a shift in the demand curve in ways that has been without precedent," he told Business Insider in a recent interview. Kapur is "very focused on looking at practical application of technology, not just looking, a few years out but looking several years out," Will Townsend, a senior analyst with Moor Insights & Strategy, told Business Insider. "And that's very difficult to do. I think you know he's been responsible for a lot of the company's successes." Fran Katsoudas is Cisco's chief people officer Title: Chief People Officer Fran Katsoudas joined Cisco as a tech support employee in 1996, making her one of the longest-serving executive leaders at the tech giant. She has also taken on different roles at different parts of the business over the past 24 years, which has given her important insights into her current position as head of Cisco's human resources organization. It's a critical role in a time of crisis when Cisco's 75,000 employees have had to work remotely. She recently led an initiative that gave Cisco's employees a day off to recharge. Katsoudas once played a key role in making sure that the employees of companies Cisco has acquired were properly integrated into the Cisco organization. In fact, she helped determine if a potential acquisition target would be a culture fit for the company. "It's really important to us," she told Business Insider recently. "We have walked away from companies, where we have really been enamored by the technology, but had this realization that it wasn't going to be the right culture fit." Gerri Elliott is Cisco's chief sales and marketing officer Title: Chief Sales and Marketing Officer Gerri Elliott was named Cisco's chief sales and marketing officer in 2018, after a long career with other tech giants, including Juniper Networks, Microsoft and IBM. She's well known for her deep experience in international markets, particularly in Asia. She led the unveiling of new branding campaign that turns the spotlight on Cisco's role as a leading enterprise tech provider while "weaving compassion and humanitarianism into the campaign," Will Townsend, a senior analyst with Moor Insights & Strategy, said. "She brings a level of marketing acumen that the company hasn't had in the past," he added. Todd Nightingale is senior vice president for enterprise networking and cloud Title: Senior Vice President for enterprise networking and cloud Todd Nightingale leads the team focused on Cisco's core networking products. He joined Cisco in 2012 after the company acquired Meraki, the cloud-based networking company. Nightingale led Meraki as general manager until March when he took on a bigger role. Will Townsend of Moor Insights & Strategy praised his "very practical approach to technology." For Nightingale, "it's not about offering 10 or 12 features. It's about figuring out what are the one or two most important features that customers need and do them right," he told Business Insider. Nightingale himself stressed the importance of simplicity and ease of use in building products. "The religion of Cisco is there is no technology religion," he told Business Insider in a 2018 interview. "I guess my religion is 'it could be simpler.' It could always be simpler for our customers." Maria Martinez is Cisco's chief customer experience officer Title: Chief Customer Experience Officer Maria Martinez joined Cisco only in 2018, after eight years as a top sales and customer relations executive at Salesforce, the cloud software powerhouse. Martinez leads Cisco's services and customer relations organization. It's a critical role at a time when the tech giant now offers more options for customers to access its products, including paying a subscription for services, instead of buying entire systems. Cisco has also embraced software-defined networking, which allows businesses to rely less heavily on networking hardware, using software systems used to run data centers. Martinez's vast experience with Salesforce, the pioneer of the software-as-a-service trend, is one of her key strengths in her role, Will Townsend of Moor Insights & Strategy said. "She cut her teeth at Salesforce, a very impressive pedigree," he told Business Insider.
5 Zero-day Vulnerabilities in Cisco Discovery Protocol Impacting Tens of Millions of Devices. The technical whitepapers...5 Zero-day Vulnerabilities in Cisco Discovery Protocol Impacting Tens of Millions of Devices. The technical whitepapers are 29 pages long has all detail and code(by decompile code). Reading these white papers are definetely improve your knowledge a lot and help to avoid these mistake: mostly on stack overflow and format-string vulnerability. On the same security topic, sudo has a serious flaw for 9 years Check them out and upgrade sudo as well.