To help organizations that aspire to apply the power of big data enterprise-wide, Cisco provides a powerful, efficient, and secure infrastructure and a wide array of analytics solutions. In our previous blogs, others have highlighted the benefits of Cisco's ability to provide the scalability, the ability to process both real-time and historical data with predictable, high performance, and the comprehensive management automation enterprises will need to keep pace with big data in the IoE era. Today, I'd like to begin a conversation about how enterprises can secure their increasingly distributed networks, and the data that is being transported across them, as we operate in an environment comprised of 50 billion connected devices (in just five years from now).
One of the key drivers of Big Data is the Internet of Things (IoT), when every connected 'thing' will be capable of producing data. IoT has become a popular topic of discussion amongst security company executives, analysts, and other industry pundits. As they discuss the technical details, it quickly becomes evident that many of the most experienced security professionals still approach IoT with an IT-centric mindset. Of course, they are partially correct. Securing an escalating volume of data requires rethinking our approach to security. Not only do security devices need to be faster, they need to navigate issues very specific to data centers and complex data flows. They need to be inserted as close to the traffic flow as possible, such as being positioned inline into East/West traffic flowing across the data center. They need to be able to track and secure asymmetric traffic, often across multiple locations. They need to be able to blend corporate policy with public standards. Finally, they need to move seamlessly across physical, virtual, and cloud environments in order to ensure seamless policy enforcement. Gone are the days when we can just hairpin traffic out of the data center to be inspected elsewhere. Speed and agility do not allow for that sort of bottleneck.
However, IoT is not only about the billions of new connected objects and inspecting the data they are producing. While the dramatic increase in the number and types of connected objects certainly expands the attack surface and dramatically increases the diversity of threats, it is only part of the IoT security challenge. Another new challenge is the convergence of the organization's existing IT network with the operational technology (OT) network (e.g., manufacturing floors, energy grids, transportation systems, and other industrial control systems). These new environments, usually omitted from traditional IT thinking, expand the depth of security challenges and make threat remediation remarkably more complex.
Big Data is not just being generated by web-enabled toothbrushes or smart appliances. For Big Data to be useful, the data that is collected needs to be actionable. Converging data needs to be able to turn on or off water supplies, ramp up manufacturing floors, redirect traffic, or manage the flow of electricity during peak usage. As a result, while IT and OT were once separate networks, they are now simply different environments within a single extended network, but by no means are they the same! The architectures, operational needs, platforms, and protocols are vastly different for each of them, and drive radically different security requirements. As a result, security architectures, solutions, and policies that have proven effective for years in the IT world often don't apply in OT environments, so attempting to enforce consistent security policies across the extended network is doomed to failure.
Protecting data confidentiality, especially at high volume, is IT's primary concern, so when faced with a threat, a common immediate response is to quarantine or shut down the affected system. But OT runs critical, 24