Feature Story

Taking security to the IoT Edge

by Kevin Delaney

Taking security to the IoT Edge

From renewable energy to smart factories, Edge computing is essential. Cisco keeps it secure.

The Internet of Things has generated no shortage of buzz, press, and outright hype in recent years. 

And today IoT use cases — from renewable energy and smart factories to autonomous vehicles, remote medicine, and beyond — stand poised to reach their full promise. But much of that still depends on our ability to bring compute power, security, and observability to the edge of the network, where so many IoT devices and end points live. 

“The Internet of things is all about making things smarter, which were not smart before,” said Archana Khetan, Cisco head of product management for enterprise routing/SDWAN infrastructure. “And naturally, a lot of different types of data is being generated, which is more operational and real time in nature. That’s why you need edge compute.”

In many cases, that data needs to be processed quickly and securely right where it was created.  
“If you are capturing data and doing analytics for real-time delivery at the edge,” Khetan added, “then the latency of going out to a cloud or data center and providing that inference back takes time. So, edge computing reduces latency for information that has to be processed locally and in real time.”

Of course, amid all those far-flung endpoints, complexity deepens and security vulnerabilities broaden. In the United States, this was highlighted in recent months by high-profile hacks that included a major pipeline, water utility, and meat-packing plant. Many other such attacks fall under the radar of public awareness. 

For IoT to be the game changer it needs to be, such vulnerabilities must be addressed. Cisco is doing just that, with a suite of solutions that tie together the complex web of IoT devices, apps, and multiple clouds, while bringing observability to the farthest edges of the network. 

“Across those very critical infrastructures, there is a vast amount of equipment, devices, and people to connect,” said Samuel Pasquier, head of product management for Cisco’s industrial IoT connectivity portfolio, “and those networks can be very insecure.”

“Cisco,” he added “Is the only company that’s offering a full portfolio of products to connect and secure those kinds of equipment and devices. There is a lot of demand for it in manufacturing, connecting assets on plant floors, connecting oil and gas pipelines, connecting utilities, and so on.”

‘You can’t secure what you can’t see’

That demand reflects the difficulty in knowing just what’s happening across a highly distributed network of disparate devices and connected things. 

As Gee Rittenhouse, senior vice president and general manager of Cisco’s Security Business Group stressed, keeping a typical enterprise secured across offices and remote workers is challenging enough. But the Internet of Things adds an additional layer of complexity, with vast numbers of sensors, devices, machines, and other endpoints, many of which lack dedicated security controls. 

“Because it’s so broad, the risks that the Internet of Things introduces can be unknown,” Rittenhouse said. “Even though the vulnerability may be small for one individual endpoint, it can be large when integrated across an entire enterprise.”

“In many cases with IoT,” Rittenhouse added, “these devices are not even patchable, or they come with default passwords. And we don’t know the vulnerability of every thermostat, printer, camera, or sensor. So, there’s a big vulnerability piece to IoT.”  

Observability is key to solving that vulnerability. Pasquier explained how one of the offerings in Cisco’s IoT portfolio, Cyber Vision, extends visibility out to the edge. 

“A lot of customers have an IoT infrastructure but don’t actually know what is happening across it,” he said, “and that’s very scary for them. What Cyber Vision does, is it provides visibility to any kind of asset that’s connected to the network. And it can tell you exactly what that device or sensor is doing, no matter where it resides.”

“You can’t secure what you can’t see,” Pasquier added.

Security and insight, for all

If an edge device does get hacked, limiting the exposure is crucial.

“You can put all of your IoT devices on one network segment, which is like its own separate highway,” Rittenhouse said. “So, if an IoT device does get compromised, the damage can’t spread to the HR highway, or the development highway, or the financial highway.”

Of course, all of these solutions are designed with simplicity in mind, at every stage of the design process. And bringing simplicity to security also makes it available to more and more organizations, both large and small. 

“It’s really a kind of democratization,” said Rittenhouse. “Around making security radically simple to use, for everyone.” 

In the end, these kinds of edge security solutions are about enabling the growth, innovation, and efficiency that IoT promises to unleash. 

“I think the ultimate vision for IoT,” concluded Khetan, “is to create an environment in which you have a complete understanding about every aspect of your business. And to do it at the speed of business. That means creating information and insight in real time, to allow everyone in the organization, from the CEO to the frontline worker to have all that information at their fingertips. So, they can work as efficiently as possible.”  

All those great benefits demand a smart, secure foundation. 

“It’s only possible if you have a secure network infrastructure,” Pasquier concluded. “Whatever you are trying to enable, it has to be secure out to the edge.”

###

Related content: