8/8/19 Update: Today we completed the acquisition of Sentryo. Welcome to Cisco!
When the term ‘The Internet of Things’ was first coined in the 90’s, it was used to describe a range of interconnected sensors gathering information about the real world. Today, as organizations digitize, they are connecting their operational technology (OT) environments, containing a wide array of sensor and devices, to the Enterprise IT networks.
The reality, according to a recent report by ZK Research is “55% have no or low confidence that they know all devices in their network.” Moreover, the devices in OT were never built with security in mind. These are devices such as:
- Programmable logic controllers (PLCs) which are commonly used to control a process such as oil refining, or a manufacturing line.
- Remote Terminal Units (RTUs) as the name implies tend to be outside the building in a remote area, such as an electric utility substation.
With these IoT devices lacking modern embedded software and security capabilities, segmentation will be the key technology to allow communication from operational assets to the rightful systems, and reduce risk of cyber security incidents like we saw with WannaCry and Norsk Hydro.
Automating visibility into operational technology
To solve for this, Cisco announced its intention to acquire Sentryo, providing automated device visibility and protection for OT assets. This acquisition will help our customers with 3 problems:
- Visibility: Network enabled passive deep packet inspection (DPI) capabilities to discover IoT and OT assets, and establish the communication patterns between devices and systems. Sentryo’s sensor is natively deployable on Cisco’s IOx framework, it can be built into the industrial network these devices run on instead of adding additional hardware. With Cisco recently being named the leader in Industrial Edge Networking by IHS Markit, Sentryo will add tremendous value for our customers including those operating industrial control systems in oil and gas, electric utilities, building automation, mining operations, chemical processing facilities, and more.
- Segmentation: As the device identification and communication patterns are created, Cisco will integrate this with DNA Center and Identity Services Engine (ISE) to allow customers to easily define segmentation policy and specific actions. This integration will allow OT teams to leverage the IT security teams expertise to secure their environments, without risk to the operational processes.
- Operations: For OT users, Sentryo also provides Operational visibility like PLC Start/Stop, operational events, as well as programming changes being made to PLCs, RTUs, and other industrial devices. With these capabilities OT can ensure maximum uptimes, production yields, improve safety, while maintain a robust cyber security posture.
Securing your business for the future
With organizations digitizing, connecting formerly siloed systems, and pushing for greater business intelligence, the need to do so in a secure way is more important than ever. With this acquisition we’re delivering the most secure network – from the networking hardware, to the operating software, and now to securing the operations critical to your success.
Though the details of operations are not clear, I was wondering if the security is only based on communication monitoring, threats of data corruption by malwares can also be taken care of by this process?
Is the Sentryo platform multi-tenant for MSPs and MSSPs to offer IIoT security services to customers?
-jp
Joe Panettieri
Editor, MSSP Alert & ChannelE2E
EVP, After Nines Inc.
Joe [at] AfterNines [dot] com
Great move by Cisco!