|Matt Watchinski, the vice president of Cisco Talos, delivers a keynote address at the RSA Conference in San Francisco on Tuesday.|
By Jonathan Munshaw of Cisco Talos and Liza Meak of The Network, Cisco’s technology news site.
By 2020, Gartner predicts 20 billion connected devices will be online — and more devices mean more security threats. Connected devices have exploded into the public and corporate landscape, rattling the bars of the cyber security cage.
In a keynote address at the RSA Conference in San Francisco, Matt Watchinski, the vice president of Cisco Talos, said the growing prevalence of these devices has made them an urgent priority to protect them from attackers. Liz Centoni, the senior vice president of Cisco’s IoT (internet-of-things) Business Group, presented along with Watchinski.
“These technologies will make it into our critical infrastructure; they’ll make their way into how we deliver water and power,” he said during the address. “We have achieved so much in IT security. We are now going to have to learn a completely different world of OT [operational technology] security."
One of the most notable and recent IoT security attacks was VPNFilter, which Talos exposed last May. Talos researchers, working with public and private-sector threat intelligence partners and law enforcement, discovered malware infecting hundreds of thousands of networking devices worldwide, ready to act as a “kill switch” to take these devices offline at a moment’s notice.
Watchinski said VPNFilter is a well-known and well-publicized example, but there are many other daily, systemic attacks the public isn’t aware of that could disrupt daily services people need to live, such as electricity, oil and water.
Many companies are unprepared to defend against these kinds of attacks. Watchinski and Centoni reiterated that IT and OT teams need to work together to shield any device that connects to the Internet. Centoni said many Cisco customers are unaware of up to 40 or 50 percent of the devices on their network.
“Security is the reason IT and OT teams are forced to work together,” she said. “Today they work in different worlds.”
Centoni gave an analogy to group existing technology into two different spaces: carpeted and non-carpeted.
The traditional devices in carpeted environments, such as routers, switches and endpoints, are already well-secured thanks to the work of security researchers and in-house IT teams.
But other devices, even oil pipelines, parking meters and electric scooters, connect to those same networks in non-carpeted spaces, meaning they exist out in the open. These devices are most at risk because IT teams aren’t currently paying close attention to them.
Centoni explained the need for security to be baked into the DNA of OT. Once implemented, OT systems usually don’t get upgraded for decades, so security has to be a fundamental part of the original design.
For more coverage of Cisco’s keynote at RSA, check out live tweets during the event below. You can also watch a recording of the presentation here. And for more of what to expect from Talos at RSA, listen to the latest Beers with Talos podcast here.