Cisco announced the introduction of Cisco IoT Threat Defense, focusing on segmenting connected devices to help defend against growing IoT cyber threats.
The first use of IoT Threat Defense is to secure vital services in advanced medical care, power generation and delivery, and automated manufacturing.
The IoT Threat Defense leverages Cisco's TrustSec with Stealthwatch's network behavior analytics and Cisco ISE (Identity Services Engine).
According to Cisco, organizations face two major hurdles in securing the IoT. First, most IoT devices can’t protect themselves. The resulting vulnerabilities create ample opportunities for attackers to exploit those devices and gain network access. The second complicating factor is scale, as businesses will be expected to connect billions of devices in the next few years.
Network segmentation is not new. Virtual Local Area Networks (VLANs) have been in use for decades. But the sheer scale of the IoT makes creating enough VLANs impractical, if not impossible, added the company.
In addition to the use of network segmentation to securely scale to meet the escalating needs of the IoT, Cisco said the IoT Threat Defense is built as a best-of-breed architecture, featuring a strong cast of integrated, trusted Cisco security capabilities:
This architecture provides visibility and analysis of traffic to and from IoT devices, as well as traffic entering and exiting the enterprise to detect threats and compromised hosts. It can detect anomalies, block threats, identify compromised hosts, and help mitigate user error. Additionally, it can secure remote access between sites and between organizations.