Government Technology

The Internet of Things Changes Everything for Security



February 28, 2014 By

SAN FRANCISCO — The emerging Internet of Everything is poised to change everything for cybersecurity. That was the message from a pair of Cisco executives Thursday at the 2014 RSA Conference.

“We’re not controlling and managing inanimate objects or devices; we’re gradually figuring out how to control and manage that interaction of those devices with people,” said Padmasree Warrior, Cisco’s chief technology and strategy officer, during an afternoon keynote at the annual security conference.
 
Warrior and Christopher Young, senior vice president of the company’s security business group, shared a comprehensive strategy for securing the much-ballyhooed Internet of Things paradigm, an environment comprising billions of connected devices and apps that can all be managed remotely with modern technology.
 
The network administrators of tomorrow can’t approach the ever-changing landscape of networked objects and programs the way they do today. Instead, they’ll need to adopt a two-step approach that monitors device users through traditional means like authentication and validation, but also monitors the characteristics and state of the devices in use.
 
“We have to figure out how to bridge both these sets of features together,” Warrior said.
 
For his part, Young laid out a three-point strategy to address the situation.

1.    Enhanced visibility. An air traffic control-like system where devices and processes are monitored in real time for their behavior and destinations.
2.    Increased threat awareness. A greater cognizance of the interactions between different elements of network infrastructure so anomalies will be more easily caught.
3.    Quick action. The ability of cybersecurity professionals to act quickly when threats are detected, which will require streamlining threat remediation strategies and cleaning up bureaucratic hurdles.

Warrior pointed to Cisco’s Open App ID initiative as a way to strengthen cyberdefense. The program lets open source developers contribute code that helps users identify applications over the Internet. Enhanced identification features will provide greater control and management of applications accessed over the network.
 
She and Young discussed challenges ahead, but their tone was optimistic.
 
“We come together at places like the RSA conference and we challenge our assumptions, and try to come up with ways for a new security model,” Young said. “This year’s going to be no different for us at the RSA conference.”
 
Young also announced the launch of Cisco’s Internet of Things Security Grand Challenge which invites security experts from around the world to submit solutions to security challenges triggered by the Internet of Things. The contest will award $50,000 to $75,000 to as many as six recipients, according to the company.
 
Young stressed the need for a shift in the cybersecurity framework to accommodate the rapid development and obsolescence of technology offerings.
 
“The pace of change in our business is accelerating rapidly,” he said. “We’re in a world today where things are changing so quickly that the useful life of our products and solutions is declining at a rate that’s difficult to keep up with.


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Maintain Your IT Budget with Consistent Compliance Practices
Between the demands of meeting federal IT compliance mandates, increasing cybersecurity threats, and ever-shrinking budgets, it’s not uncommon for routine maintenance tasks to slip among state and local government IT departments. If it’s been months, or even only days, since you have maintained your systems, your agency may not be prepared for a compliance audit—and that could have severe financial consequences. Regardless of your mission, consistent systems keep your data secure, your age
Best Practice Guide for Cloud and As-A-Service Procurements
While technology service options for government continue to evolve, procurement processes and policies have remained firmly rooted in practices that are no longer effective. This guide, built upon the collaborative work of state and local government and industry executives, outlines and explains the changes needed for more flexible and agile procurement processes.
Fresh Ideas In Online Security for Public Safety Organizations
Lesley Carhart, Senior Information Security Specialist at Motorola Solutions, knows that online and computer security are more challenging than ever. Personal smartphones, removable devices like USB storage drives, and social media have a significant impact on security. In “Fresh Ideas in Online Security for Public Safely Organizations,” Lesley provides recommendations to improve your online security against threats from social networks, removable devices, weak passwords and digital photos.
View All

Featured Papers