This content is part of the Conference Coverage: RSAC 2019: Coverage of the premiere security gathering

Cisco: Network security strategy requires IT, OT to play nice

Cisco told RSA attendees the need for network security on the factory floor is growing. Cisco says cooperation between IT and operations is key to protecting equipment.

SAN FRANCISCO -- Securing IP networks that stretch from the office to the factory floor will require collaboration between IT staff and operational teams with different priorities and measurements for success.

That network security strategy advice was Cisco's keynote message to security pros at the RSA Conference here this week. Liz Centoni, general manager of IoT at Cisco, encouraged attendees to make security the common ground of IT teams and people responsible for assembly lines.

Because both sides need security, it becomes the "bridge" between them, Centoni said. "Security is the reason that IT teams and OT [operational technology] teams are kind of forced to work together."

She encouraged IT security pros to take the time to understand what's important to managers on the factory floor. Their job is to ensure equipment is running as efficiently as possible, while also keeping a close eye on employee safety.

"The OT world cares about people safety; they care about equipment safety -- not data loss," Centoni said. "The OT world cares about what rolls off their production lines."

They also worry about downtime. An assembly line that stops can cost a large manufacturer tens of thousands of dollars a minute. "That drives their behavior; that drives their actions; and that drives their decisions," Centoni said.

IP on the factory floor

Nevertheless, with a growing number of manufacturers switching from proprietary networks to IP, operations need security. Therefore, Centoni recommended IT professionals reach out to the engineers who design the processes that keep production lines running. Together, they can create a security architecture for the factory floor.

Building partnerships are also an important piece of a successful network security strategy. For example, Centoni suggested IT teams work closely with plant managers since they are the ones who would have to shut down a production line during a cyberattack.

In the OT space, we're just getting started with visibility.
Liz Centonigeneral manager of IoT, Cisco

Security teams should also be prepared to look for assets on the factory floor that aren't on any inventory list. Based on Cisco's experience with customers, Centoni estimates many companies don't know 40% to 50% of the equipment sitting in their environments. As a result, IT pros have to work a little harder to account for all assets before placing them in the proper network segments protected by security policies.

"In the OT space, we're just getting started with visibility," Centoni said.

Cisco is working on its bridge for IT and plant operations. In February, the company released industrial switches a customer could manage with DNA Center. The software console is a core component of Cisco's intent-based networking portfolio, which includes switches and security for running IT networks on the campus.

Dig Deeper on Network security

Networking
CIO
Enterprise Desktop
Cloud Computing
ComputerWeekly.com
Close