SecuritySolutionsWatch.com interviews Marc Blackmer, Product Marketing Manager, Industry Solutions, Security Business Group, Cisco on the biggest security challenges within the IoT today.
Marc Blackmer is a technologist, blogger, and cybersecurity professional who has spent more than 15 years helping some of the world’s top energy producers, financial institutions, and governments worldwide defend their critical assets from cyber threats. His technical background in information technology engineering, ICS cybersecurity, and IT governance, risk, and compliance brings a unique perspective to addressing the threats facing critical infrastructure today and the coming Internet of Things.
SecuritySolutionsWatch.com: What are the biggest security challenges within the IoT today?
Marc Blackmer: The biggest challenge is scale; just think of that 50 billion number. How are security teams expected to protect their users, their networks, with such a proliferation and variance in connected devices? It’s not as if security budgets are scaling up with the threats. That’s the reality we’re all left with, so our approach is focused on services, products, and integrated partnerships.
From a product perspective, we are platform-based – so that customers can pick and choose what they need to meet their requirements, while knowing these products will integrate with each other – to build security architectures. Point solutions can leave gaps or create redundancies that are inefficient from the technology, budget, and administrative perspectives. But we know that one company cannot do everything, so we continue to build a robust, integrated technical partnership ecosystem. All that being said, the best technology doesn’t help if it’s not properly deployed and administered, so we provide our customers with a wide range of consulting and managed services offerings, and partner with other services organizations, as well.
SecuritySolutionsWatch.com: Where do you think security innovation within IoT should be moving toward?
Marc Blackmer: I would say “usability.” I’ve long argued that the security industry, as a whole, is trying to engineer its way out of a human problem. Yes, the foundation of IoT is about connected technologies, but the benefits we hope to gain are benefits for humans. It’s also we humans who must secure the IoT, and this is why I say usability is vital. Powerful technology has no value if nobody knows how to use it properly.
To that end, we have been working on an open, standards-based approach to securing the IoT called Manufacturer Usage Description. In short, the approach uses the respective expertise of connected device manufacturers and security providers to simplify the life of security administrators. I won’t go into all of the details now, but you can find the RFC here: https://datatracker.ietf.org/doc/draft-lear-ietf-netmod-mud/. What’s been really great is that we’ve been contacted by some big players interested in the concept, and wanting to contribute to the standardization process. We’d always intended this to be a community effort and welcome the collaboration.
SecuritySolutionsWatch.com: Any “wins” or success stories you would like to discuss?
Marc Blackmer: Understandably, not a lot of organizations want to publicly speak about their security challenges, and I’ll respect those concerns. What I can do is give you a couple of anonymous examples. In one case, a US electric utility was facing a malware outbreak and they just couldn’t get their arms around it. Once they’d cleaned a certain number of machines, the same number of new infections would show up elsewhere. This went on for about four months, until they decided to deploy our advanced malware protection, or AMP. By the customer’s estimate, they were able to detect all infected nodes and remove the malware en masse in about 40 minutes.
Another example is how we were able to help out a global oil company with their security staffing needs for their industrial network operations. I’d mentioned the importance of humans in properly deploying, configuring, and administering security technology. The complicating factor is that there is a talent shortage to the point that we estimate that there will be a deficit of 1 million trained cybersecurity professionals in a couple of years. We now staff and manage their industrial security operations center for them, and bring the benefit of years of experience in securing industrial environments.
SecuritySolutionsWatch.com: It’s safe to say that today’s constant threat environment has never been more challenging. Please share with us your thoughts on “best practices” in this IoT, mobility and BYOD environment.
Marc Blackmer: We, as security practitioners, have to keep our eyes on the basic blocking and tackling of security – segmentation, defense-in-depth, etc. Granted, these aren’t new exciting things to talk about, but they work. Period. And we can’t lose sight of that. The harsh reality in security is that the good guys need to get it 100% right 100% of the time, while the bad guys only need to get it right once. We need to start with that solid foundation to be effective.
We also can’t lose sight of the fact that networks must provide value for the humans that use them. The priority for us in security, of course, is to keep the network safe, but if we put barriers in front of the users that they perceive to keep them from doing their work, they will find ways around those protections. That doesn’t do any of us any good. But we can’t expect users to become security professionals, so it’s important to secure networks in a way that ensures the usability for the users.