The Greatest Gap in Securing Critical Infrastructure - Cisco Certifications

The Industrial Internet of Things (IIoT) promises transformational opportunities. Yet the open, standards-based internet technologies that enable the IIoT and economic innovation also present an array of complex challenges to critical infrastructure providers. Technology is being embedded into existing Industrial and Automation Control Systems (IACS) deployments and the IIoT is being used to monitor and optimize IACS processes, with more and more network connections being made to enable digitization strategies. While the electronics of brownfield critical infrastructure—the systems currently in operation—were designed with considerations of safety, availability, redundancy; they were not built with cybersecurity in mind. Yet, the existing infrastructure in the ecosystem was designed to be operational for several more decades. And IIoT solutions are being bolted on alongside these brownfield systems, exposing them to Internet-based risks. The interconnectedness of today’s technologies exposes the insecure-by-design electronics of brownfield IACS and the physical systems they control to worldwide threats.

What can system integrators, asset owners and operators do to enhance cyber resilience of operational cyber-physical-converged systems?

To help secure new technology deployments within the IIoT, we’ve seen progress through the actions of embedding trustworthy technologies into those systems, aligning them to industry standards and focusing on value chain security to mitigate the threats of the third party ecosystem. While encouraging, these activities focus on new or greenfield IIoT and IACS deployments. It’s only when new IACS are built that there will there be a chance to insert electronics that are secure by design. This implies that there will be a gap in security for the next several decades until all legacy electronics supporting critical infrastructure are replaced.

Addressing this security gap must remain a priority as connectivity increases between legacy or brownfield systems and the internet if cyber resilience is to be achieved.

Recently, I had the chance to visit and speak directly with a variety of European customers whose primary business is industrial-focused. Our discussions focused on this security gap and covered the state of Industrial security and the IIoT, the business and technical challenges of securing IACS, the complexity of assessing cyber risks, and best practices, standards, and technologies that can aid in solving these challenges.  The technical stakeholders I spoke with represented manufacturing, energy and water utilities, transportation, ports, logistics and retailers. While there was general consensus regarding the many challenges and possible solutions to securing electronic systems that support our IACS, the lack of consensus to the following question was troubling:

Does your company operate a Secure Operations Center (SOC)?

In order to keep up with the threat landscape, every critical infrastructure provider must build, operate and maintain a Security Operations Center (SOC) to enhance the cyber resilience of these operational systems. Simply put, the faster an organization can detect any incident that could impact the business; contain and minimize the scope of the impact; and restore all systems to a known good state, the less that incident will cost and the more resilient that organization and it’s operational IACS will be. Keep in mind that when security incidents arise, they have the potential to not only affect your organization, but could create cascading failures that impact your local municipality, your business partners, and your customers.

The relevance and importance of a SOC increases significantly in critical infrastructure environments where protective security measures may not always be available or implemented due to the heterogeneous systems, protocols, technologies, and standards that enable IACS and the IIoT. The capabilities of the SOC enable organizations to increase cyber resilience by accepting that cyber incidents will occur, adopting the NIST Cybersecurity Framework, and focusing on the full lifecycle of operational risk management: Identify, Protect, Detect, Respond, and Recover. Note that protective measures are just one function of this framework – in alignment with how Cisco views the cyber-attack continuum.

This is why building, operating and maintaining a SOC is vital.

Equally important is to ensure your SOC is tightly integrated with your IACS operations and control centers. Such integrations enable collaboration between IACS operations experts and cyber security experts to sift through the noise and determine which security-related events are important.

Here are four activities that will enable your SOC to build cyber resilience into your entire organization:

1. Listen to your networks – enable, export, and regularly review network telemetry from all capable electronic assets in order to hunt for anomalies and potential threats. Aggregate threat intelligence from your peers and industry groups and investigate if the same Indicators of Compromise (IOC) found externally can be found in your networks.
2. Test technology stacks – verify that all system backups are being performed successfully, and validate the integrity of those backups and recovery processes by cyclically restoring from backups.
3. Simulate security incident scenarios – step through your business continuity and disaster recovery plans in conjunction with the integrated operations centers and larger organization on a recurring basis.
4. Build a security culture – enable your SOC specialists to provide business-relevant security training to the entire organization about the threats they see, with contextually relevant content for engineering, operations, dispatch, and field teams.

Cyber resilience means identifying threats that could impact operations, being prepared to react quickly, and ensuring that systems fail safe. If you enable network telemetry data streams you can gain visibility into the baseline operations of your environment. By regularly reviewing the data against known IOCs, you can quickly detect anomalous behavior. By practicing incident response plans you’ll decrease the time it takes to respond appropriately and recover from a real incident – this is cyber resilience.

Success Secrets: How you can Pass Cisco Certification Exams in first attempt

Cisco Connected Workplace: You May Now Move Freely About the Office - Cisco Certifications

If you fell asleep in a ’90s data center and woke up in a modern one, you’d know instantly. But if you dozed off in your office and woke up 25 years later, it’s possible you’d be none the wiser until you confronted the espresso machine.

In the ’90s, we added one building a month to our San Jose campus. Twenty years later, the office space still looked about the same. You’ve seen it: 60-inch cubicle walls with perimeter offices blocking natural light. The space was antiquated, dilapidated, and—frankly—depressing.

In 2011, we had a new incentive to modernize the workspace. We had entered a fierce competition for talent, and open, flexible space with the latest technology would make our workplace more attractive to potential hires. We also wanted to optimize utilization of our real estate portfolio. Many employees worked from home at least one day a week, so on any given day we were only using 50% of our 23 million square feet of office space around the world

Supporting today’s diverse workstyles

In 2012 we began converting our buildings to Cisco Connected Workplaces. The renovated buildings have three characteristics: activity-based workspace, integrated technology, and flexible policies. Each office has a variety of spaces we can move to freely throughout the day: communal areas with comfortable seating, quiet rooms, huddle rooms for 2-5 people, and larger conference rooms. We have pervasive wireless and any kind of voice or video endpoint we could want. Managers and employees agree on how often employees need to be in the office—all the time, never, or something in between.

We’re “customer zero” for some of the Cisco technologies we’re using in the new spaces. One is Cisco Workplace Analytics, which uses the building’s wireless network to see where people (their wireless devices, actually) move throughout the day and how long they stay. We use the information to continually optimize the design as work styles evolve.

About the budget

Renovating hundreds of buildings isn’t cheap. We were confident we’d see payback based on talent attraction, retention, and OpEx savings. But we also knew we’d have to prove that to our CFO. So rather than submitting a request for a lump sum, we built a 5-year plan to prove the case in a few buildings in year one and then accelerate the investment in subsequent years.

Business value to-date

As of 2018, we’ve renovated 90% of our global portfolio. In the process we’ve shed 7.5 million square feet by terminating our leases or selling the buildings. That saved nearly $200 million in OpEx and produced $288 million in net asset sale proceeds. We closed 21 of 60 buildings in San Jose alone.

At the same time, productivity rose by 19% (as measured by an internal survey) and 73% of the workforce reported better work-life balance. I’m especially encouraged that 66% of new hires say the workplace had a positive impact on their decision to join Cisco.  We’ve all heard the advice to not judge a book by its cover, but face it, people do. And in this case, open, flexible workspace accurately represents what’s behind it: a company that invests in collaboration and work-life balance.

Our experts say about Cisco Certification Exams

Cisco Predicts More IP Traffic in the Next Five Years Than in the History of the Internet

The internet is made up of thousands of public and private networks around the world. And since it came to life in 1984, more than 4.7 zettabytes of IP traffic have flowed across it. That’s the same as all the movies ever made crossing global IP networks in less than a minute.

Yet the new Visual Networking Index (VNI) by Cisco predicts that is just the beginning. By 2022, more IP traffic will cross global networks than in all prior ‘internet years’ combined up to the end of 2016. In other words, more traffic will be created in 2022 than in the 32 years since the internet started. Where will that traffic come from? All of us, our machines and the way we use the internet. By 2022, 60 percent of the global population will be internet users. More than 28 billion devices and connections will be online. And video will make up 82 percent of all IP traffic.

Key predictions for 2022

Cisco’s VNI looks at the impact that users, devices and other trends will have on global IP networks over a five-year period. From 2017 to 2022, Cisco predicts:

Global IP traffic will more than triple

• Global IP traffic is expected to reach 396 exabytes per month by 2022, up from 122 exabytes per month in 2017. That’s 4.8 zettabytes of traffic per year by 2022.
• By 2022, the busiest hour of internet traffic will be six times more active than the average. Busy hour internet traffic will grow by nearly five times (37 percent CAGR) from 2017 to 2022, reaching 7.2 petabytes [1] per second by 2022. In comparison, average internet traffic will grow by nearly four times (30 percent CAGR) over the same period to reach 1 petabyte by 2022.

Global internet users will make up 60 percent of the world’s population

There will be 4.8 billion internet users by 2022. That’s up from 3.4 billion in 2017 or 45 percent of the world’s population.

Global networked devices and connections will reach 28.5 billion

• By 2022, there will be 28.5 billion fixed and mobile personal devices and connections, up from 18 billion in 2017—or 3.6 networked devices/connections per person, from 2.4 per person.
• More than half of all devices and connections will be machine-to-machine by 2022, up from 34 percent in 2017. That’s 14.6 billion connections from smart speakers, fixtures, devices and everything else, up from 6.1 billion.

Global broadband, Wi-Fi and mobile speeds will double or more

Average global fixed broadband speeds will nearly double from 39.0 Mbps to 75.4 Mbps.

Average global Wi-Fi connection speeds will more than double from 24.4 Mbps to 54.0 Mbps.

Average global mobile connection speeds will more than triple from 8.7 Mbps to 28.5 Mbps.

Video, gaming and multimedia will make up more than 85 percent of all traffic

• IP video traffic will quadruple by 2022. As a result, it will make up an even larger percentage of total IP traffic than before—up to 82 percent from 75 percent.
• Gaming traffic is expected to grow nine-fold from 2017 to 2022. It will represent four percent of overall IP traffic in 2022.
• Virtual and augmented reality traffic will skyrocket as more consumers and businesses use the technologies. By 2022, virtual and augmented reality traffic will reach 4.02 exabytes/month, up from 0.33 exabytes/month in 2017.

Our experts say about Cisco Exams in this video