Most of the things connected to the internet are relatively defenseless because there’s not much processing power left over to run anything more than the software used to pass data back to an internet of Things (IoT) gateway. Recognizing that simple fact, Cisco this week, at an Internet of Things (IoT) World Forum conference, announced a Cisco IoT Threat Defense offering that aims to secure those IoT gateways.
Marc Blackmer, a product manager for Cisco, says Cisco expects there will be 50 billion devices connected to those gateways by 2020. A huge percentage of those IoT devices are not able to defend themselves, says Blackmer.
“There’s no authentication because there’s no system resources available on the endpoint,” says Blackmer.
The Cisco IoT Threat Defense extends the TrustSec technology that Cisco developed to provide a policy-based approach to access control across a network that employs a combination of signature and behavioral-based security technologies to inspect IoT traffic.
Blackmer says that approach not only secures all the IoT gateways, it also provides organizations with additional flexibility because security in the age of the IoT is still an afterthought. Instead of trying to enforce security standards across IoT projects involving hundreds of different types of IoT endpoints, IoT organizations can more easily defend organizations at the gateway perimeter.
At this point, it’s only a matter of time before cybercriminals begin to more aggressively explore the soft underbelly of those IoT defenses. Unfortunately, while enthusiasm for IoT projects is running high, most organizations have yet to give much thought to how IoT security policies might be centrally enforced.