Helping customers reduce cyber risk by complying with NIS2 and securely managing industrial assets

This week, I’m attending Cisco Live in Amsterdam! Together with my team, we’re excited to exchange insights and network with our customers and industry leaders. Our focus is to interact with customers firsthand, grasp their preferences, and highlight how our latest portfolio upgrades cater to their requirements.

Up to this point in the event, numerous customers have emphasized that cybersecurity in industrial settings is a primary concern, alongside the introduction of the new NIS2 regulations. Our team is present to assist customers in navigating and adhering to these latest regulations, ensuring a seamless transition as we adjust to new mandates. Let me share some insights into NIS2 and outline our investments aimed at aiding customers.

Cisco helps customers comply with NIS2 regulations to reduce cyber risk with enhanced cybersecurity capabilities

The European Union created Network and Information Security (NIS2) to update and strengthen the existing NIS1 framework, addressing emerging cybersecurity threats and evolving technological landscapes more effectively. The intent is to enhance cybersecurity resilience and coordination across critical sectors and digital service providers. It will impact more than 350,000 organizations and will extend to non-European companies that are part of the EU supply chain. This directive will be enforced as of October 18, 2024.

To comply with NIS2 requirements, customers need a good understanding of their security posture to implement cyber risk management best practices and zero-trust security policies. Meeting these requirements requires our customers to control risks from their supply chain (machine builders, control system vendors, contractors, hardware service providers, etc.) as well as risks from connected assets that now need access to external applications and cloud services. This translates into a problem of scale for our customers due to the diverse ecosystem of supply chain vendors, and tens of thousands of assets in their environments.

Cisco has comprehensive capabilities and a market-leading industrial networking portfolio, which helps our customers address these challenges. Our portfolio complies with ISA/IEC 62443 security standards so that customers can trust their supply chain.

The Industrial IoT team has been investing in enhancements to industrial security solutions, Cisco Cyber Vision and Secure Equipment Access, to help customers reduce cyber risk and drive compliance with NIS2 cybersecurity regulations as they securely connect assets in their critical infrastructure.

First, we have enhancements to Cisco Cyber Vision with new reports and risk scores from Cisco Vulnerability management. Cyber Vision software, deployed on the industrial network, builds a detailed inventory of all connected assets and their security posture. This will help customers monitor and manage cyber risks of their OT assets. The new report engine helps industrial organizations drive compliance and governance by sharing OT Security Posture insights with all stakeholders.

“With Cyber Vision, we now have the visibility into our mission-critical OT networks as a first step to mitigate vulnerabilities and improve our security posture. Cyber Vision found more than 20 instances of malware in our substations and identified features and protocols that don’t need to be active.”

 – Emerson Cardoso, Chief Information Security Officer, CPFL Energia

External users need to connect to OT assets for maintenance and troubleshooting. Operational teams can use Cisco Secure Equipment Access to remotely deploy, configure, and troubleshoot assets and applications connected to Cisco industrial routers and switches. Secure Equipment Access solution adopts a ZTNA architecture that enforces strong security controls to grant remote users access only to specific resources at specific times. Another exciting announcement is the new Secure Equipment Access dashboard that helps administrators to monitor and audit remote access activities and trends for compliance. The dashboard works to enable advanced users and partners to automate remote access workflows with a new set of APIs for easy integration with other software solutions.

“As the NIS2 cybersecurity regulation is implemented across Europe, our industrial customers need to better control remote access to their operational networks. Cisco Secure Equipment Access simplifies the enforcement of zero-trust network access policies within an OT environment. By embedding this capability into the industrial network, Cisco makes it easy for customers to deploy OT cybersecurity at scale.”

 – Damiano Di Mauro, OT Networking Solutions Team Leader, Lutech (Cisco partner)

In our journey to help customers with Cyber Vision capabilities, we are very excited to see our partner Orange launching ‘Secure Industrial LAN’ managed service for industrial organizations. They are combining the Cisco Industrial IoT networking portfolio with Cisco Cyber Vision for OT security and skilled resources from Orange Cyberdefense and Orange Business worldwide. This service can be delivered to multinational customers with production sites across the globe with a single offer.

“As industries are accelerating the digitization of their operations, they need help to manage and secure industrial networks anywhere they are on the globe. By combining Cisco’s leading industrial networking and OT security portfolio with Orange Business’ and Orange Cyberdefense’s IT and OT expertise with human resources worldwide, our Secure Industrial LAN offer is the ideal solution for industrial organizations to scale their operations, improve resilience, and meet ever-growing cybersecurity regulations.”

– Emmanuel Routier, VP Smart Industries, Orange Business (Cisco partner)

The excitement of new enhancements doesn’t just stop there. Because different industries and use cases require different network technologies and capabilities for connectivity, we are continuing to expand our industrial networking portfolio to ensure customer success for a variety of deployment scenarios and locations. Therefore, we are also announcing:

• Catalyst IW9167E is now available for hazardous environments (Class 1, Div 2), so that customers in locations such as oil & gas, chemical, and pharmaceutical can deploy Wi-Fi or Cisco Ultra Reliable Wireless Backhaul (Cisco URWB).
• The Catalyst IW9165 series now also supports Wi-Fi 6/6E as well as Cisco URWB. With different form factors, we are enabling customers to deploy in more locations such as inside a cabinet in manufacturing, and roadways intersections.
• The 5G PIM now supports both public and private standalone on Catalyst Industrial Rugged Routers (IR1100, IR1800, IR8300) for roadways (cameras and sensors at intersections), public safety (ambulances, police cars), utilities, and other mission critical industrial settings.

If you are at Cisco Live Amsterdam, come and find the Cisco Industrial IoT Team at the World of Solutions to experience live demos and a coffee machine powered by Catalyst Center and Secure Equipment Access. Innovation and a cup of coffee come together to fuel digitization and connectivity for the whole week. I look forward to seeing you there!

Source: cisco.com

Continue reading

Beyond Segmentation: A Practical Approach to Securing OT Systems

As an oil and gas operator, you function in a target-rich environment for cyberattack. But are your fears over unseen threats preventing you from leveraging the full power of Digital and the Internet of Things (IoT) in your facility? Or hampering your development of a sound security strategy?

It’s true that cyberattacks against energy infrastructure are becoming more common. And at the same time, attackers are evolving their strategies to cause more damage. But the cost to the energy sector is also evolving.

No longer is it just limited to production being taken offline. We are now finding that cyberthreats can impact other areas important to your operations, including the health and safety of your employees and intellectual property theft.  And as IoT based systems and devices increase, the issue will increase in complexity. Plus, add in the costs to fix it all (and any fines involved from failing compliance), and the damage to your reputation could be severe.

Moving beyond segmentation

The cyber threats facing operational environments are evolving faster than ever before, and a security strategy that depends solely on segmentation can’t defend against things like malware and advanced persistent threats (APT).  Your strategy must include cyber security capabilities beyond just segmentation in order to keep up with cyber adversaries.

That’s why it’s critical for energy leaders like yourself to implement a rock-solid strategy that addresses the industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems found in your OT networks. But be sure it is one based on end-to-end protection that empowers tools for rapid incident response, plus these two key capabilities:

■ Enabling deeper visibility into operations.
■ Securing touchpoints at points of ICS/SCADA interaction.

You’ll also need to make sure that your OT security strategy aligns with any industry standards (like IEC 62443 and NIST 800-82). Oh, and remember to do it all in a way that will help your eventual OT shift to the cloud.

I imagine you’re thinking that all sounds like a tall order. Well, you’re right. Developing a sound OT security strategy isn’t easy for any industry, especially energy. But, in a strange way, that’s where the easy part starts: partnering with an industry leader. This does a few things for your organization. First, it takes a lot of the stress off. Secondly, it empowers innovative solutions and support. Both are critical if you are short of staff or expertise and can serve as rocket fuel for your security strategy.

Deeper visibility for OT cybersecurity compliance

At Cisco, we start by enabling deeper visibility and better detection of anomalies. Just as in everyday life, the greater your awareness, the more information you have; and the better your decisions and outcomes are.

It’s the same in cybersecurity. That’s why enabling deeper visibility into your ICS and SCADA networks is so critical. This is the starting point that can give your team the data they need to create a baseline of operations including OT devices, applications, users, and associated traffic flows. It enables faster identification of suspicious behavior and can be done using:

■ Cisco Firepower® Threat Defense (NGFW)
■ Cisco 3000 Series Industrial Security Appliances (ISA)
■ Cisco Stealthwatch® analytics
■ Industrial Ethernet (IE) switches with NetFlow
■ Deep packet inspection for Modbus, Ethernet/IP, and DNP3.

Secure touchpoints for better OT security management

We then move on to the second critical step in developing a sound OT security strategy: protecting vulnerable touchpoints. Specifically, those where people and their devices interact with your ICS/SCADA systems. This helps reduce cyberthreats that can enter your network from online malware, email or USB devices. Plus, it can improve your time to detect (TTD) and your time to respond (TTR), working as a beachhead against an attacker by reducing their time in the system to do damage.

Threats emerging via endpoints can be reduced using advanced malware detection and prevention. That’s why we developed:

■ Cisco Advanced Malware Protection (AMP) for Endpoints and AMP for Networks
■ Cisco Talos™ global threat intelligence.

Wrapping it up

As your OT cybersecurity strategy unfolds, making sure it aligns with industry standards is also easier with the help of a partner like Cisco. Since we deal with such issues on a regular basis, we’re very familiar with industry compliance issues, giving that due consideration in our solutions. And as software for OEM, third-party data analytics and machine maintenance move to the cloud, having an industry-leading partner can help your team be ready as well via tools like Cisco Umbrella™, Cisco Cloudlock™ and Cisco Stealthwatch Cloud.

By partnering with Cisco, energy producers around the world are already enjoying this level of end-to-end cybersecurity as part of their OT security strategy and protecting their critical industrial systems. Now it’s your turn. If you happen to be at Cisco Live in San Diego the week of June 10th we welcome you to stop by our Oil and Gas area in the Industrial Showcase and let us know your thoughts on securing your OT environment.

Continue reading

Integrating Warehouses and Distribution Centers into the Enterprise Network

We’re witnessing digital transformation all around us, and it’s driving fierce competition, new challenges, and compelling opportunities in every industry. We talked about some of the ways business are using the Internet of Things (IoT) to extend operations beyond traditional carpeted spaces inside the office and out to environments of all kinds.

In this edition, we’ll focus on how organizations with complex enterprise supply chains are transforming their businesses. Global retailers, distributors, manufacturers, healthcare, pharmaceuticals, and container operators are all driving innovation in the Extended Enterprise.

These innovators are exploring new strategies for Digital Transformation in industries to increase profitability, fulfill orders faster, improve safety, reduce cost and complexity, and more.

Everything Starts with Connectivity

To achieve these outcomes, secure connectivity across your entire supply chain is key.

You may be hampered by siloed and independent enterprise operations in your warehouses and distribution facilities due to inadequate system integration, lack of real-time visibility, and inconsistent safety control. Manual and error-prone inventory and reporting processes cost time and money—and create dissatisfied customers. To overcome these challenges and increase productivity and safety of your employees, you need to adopt digitization of your entire enterprise.

This isn’t always easy in busy and open industrial environments with massive volumes of traffic and employees constantly on the move. You need smart cameras and sensors to monitor operations and physical security to protect yourself against asset loss and theft, but also sophisticated cybersecurity to keep sensitive company and customer data from being compromised.

By securely connecting various warehouse systems – sensors, automated conveyors and sorters, safety and security systems and smart mobile devices you can monitor all warehouse systems and operations closely and gain access to data from disparate data sources. You can then analyze the data and develop insights to improve safety and operational efficiency.

Finally, you need real-time visibility to track heavy equipment and other assets, so you can perform timely maintenance and keep resources available and working at their best.

What You’ll Need

What’s required to connect and digitize warehouses? Enterprise supply chain environments are often harsh, dynamic environments that may be exposed to the weather, and require ruggedized connectivity to warehouse systems. To support employees and equipment on the move, they also require wireless connectivity everywhere. Physical security and real-time surveillance systems are key to keeping materials, people, and assets safe.

Also in order to keep IT operational costs low and centrally manage the entire enterprise, the warehouse network must be fully manageable using the same familiar management and policy-based orchestration tools used in the core enterprise. The network should provide secure access between warehouse devices and the enterprise, with the ability to scale and replicate to more warehouses and distribution centers as the organization evolves and grows.

Putting the Extended Enterprise to Work

Let’s take a closer look at how Cisco’s IoT solutions can help retailers scale to hundreds of connected and fully digitized warehouses and fulfillment centers.

Cisco Industrial Ethernet Switches and Cisco Outdoor and Industrial Access Points are purpose-built ruggedized solutions that can operate in environments without air-conditioning and deliver high performance Gigabit Ethernet connectivity for warehouse systems – sensors, cameras, sorters, conveyors, mobile phones etc. You can use the Cisco DNA Center to design, provision and manage these switches and APs.

Retailers also require end-to-end management and smooth communication with upper layer systems such as Supervisory Control and Data Acquisition (SCADA), Warehouse Control Systems (WCS), and cloud services. Cisco Industrial Ethernet Switches and  Cisco Industrial Security Appliances (ISA) offer strong security mechanisms to enable secure integration and communication with these upper layer systems. Cisco Industrial Integrated Services Routers extend connectivity further to service fleet such as delivery trucks for efficient fleet management and tracking of shipments.

Cisco Extended Enterprise solutions improve tracking and management of assets and inventory, as well as machinery and shipping equipment. Robust cybersecurity and video surveillance help keep data and assets safe. Retailers also gain complete operational visibility into operations across the organization, by fully integrating their supply chain into business applications.

No matter what type of warehouse or distribution center environment you’re supporting, Cisco Extended Enterprise solutions can help you extend your organization to gain real competitive advantages in today’s IoT age.

Continue reading