Internet of Everything requires security of everything: Cisco

A global ‘Internet of Everything’ (IoE) may be rapidly emerging as everything from lightbulbs to thermostats comes online, but that IoE could descend into chaos without revisiting the security frameworks protecting it, Cisco Systems executives have warned.

Addressing a thousand-strong crowd on the first day of the company’s Cisco Live! user event in Melbourne, Carlos Dominguez, a senior vice president in the office of the chairman and CEO with the seminal networking vendor, highlighted the increasing potential of connected non-computer devices, which are being paired with always-on connectivity to deliver interactive features that make for great demonstration material, if nothing else.

Carlos Dominguez

“You know the Internet has arrived when a light bulb is connected to the Internet,” Dominguez joked as he highlighted the many ways in which the emerging IoE – a Cisco term reflecting the convergence of machine-to-machine (M2M), person-to-machine (P2M), and person-to-person (P2P) communications – would integrate connectedness into everyday life.

“These devices are simple to use, smart, give you a lot of value, access the cloud, and they’re all generating a lot of information and data,” he said. “These connections are really going to be very powerful, but we need to turn all the analytical data that we’re getting, into wisdom – and we need to do it in a predictable manner.”

The scope of the challenge became clearer after the local release of Cisco’s updated Cisco VNI Global Mobile Data Traffic Forecast, 2012-2017, which predicted that growth of M2M devices in Australia and New Zealand would far outpace their proliferation across the APAC region. By 2017, M2M connections will account for 16.5% of global mobile services and 12.6% of APC mobile services – but would account for 28.0% of Australian mobile services and 29.1% of New Zealand mobile services.

“The variables in ANZ are being driven by more connections, the types of devices, and the faster mobile speeds and applications,” said Dr Robert Pepper, vice president of global technology policy, in a separate interview in which he noted growing use of connected sensors in manufacturing, supply chain management, transportation and other vertical industries.

“We’re in a very sophisticated market where people are already connected, and we’re seeing a huge growth in machine to machine devices over this period of time. Most of them are not going to be high data rate – they’re going to be very bursty when they talk, and will communicate most of the time with relatively small amounts of data – but huge numbers of these will be rolled out.”

Therein, both men conceded, lies the rub: security, in particular, becomes a particularly pointed challenge as the IoE scales up to millions and even “billions and trillions of sensors”, many of which are being developed as independent systems with little common ground or compliance to standards.

Yet it is this sort of compliance that will become increasingly important as growing usage of autonomous, connected sensors introduces all manner of new ingress point into the corporate network. Cisco has thrown its weight behind OpenFlow, a recently introduced protocol from the Open Networking Foundation (ONF) that has been designed to improve the security and flexibility of relatively fluid networks encapsulating the software defined network (SDN) concept.

OpenFlow manages communications between network controllers and switches, allowing for on-the-fly changes to network operation. This makes it ideal not only for supporting changes in bandwidth allocation, but for implementing consistent security monitoring and management tools that will allow organisations to keep an eye on the proliferation of devices as the IoE evolves.

The fact that ONF’s membership is a veritable who’s-who of networking vendors should lend some weight to Cisco’s claims that OpenFlow compliance is “incredibly important”, as noted by Bret Hartman, vice president and CTO of Cisco’s Security Technology Group, in a separate address.

Bret Hartman

“These networks are so complicated that it’s difficult to figure out how you have to secure them, and where security belongs in that whole huge, complicated network,” he explained, noting the companion role for Cisco’s ISE (Identity Services Engine), which enforces identity-based access control that can be extended to mobile devices as well as M2M network elements.

“The number of endpoints continues to grow, and ISE needs to keep up with that as we add more and more zeroes to the end of these numbers,” Hartman continued, noting the importance of security-analytics technology – which monitors network traffic for telltale signs of botnet command-and-control traffic – that Cisco picked up in its January acquisition of Cognitive Security.

“The fact that you have such a complicated network means that you have more attack services, and the bad guys have potentially more ways to impersonate and inject traffic. We need to do a better job sharing threat indications across products, and building the rights infrastructure to support this Internet of Everything scenario. It’s an arms race for all intents and purposes, and it’s going to be an arms race forever.”

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

Tags Internet of Everything (IoE)securityciscoCisco Live!

More about ANZ Banking GroupAPACAPC AustraliaCiscoCiscoCSOTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts