As more devices become connected, a range of new security challenges arise that Cisco hopes can be addressed by the developer community.
“The Internet of Everything is not only turn every company into a technology company but it’s going to force every company to truly become a company that delivers security,” says Christopher Young, Senior Vice President of Cisco’s Security Business Group.
Speaking at the Australian Cisco Live! Conference in Melbourne today, Young described how business is going to have to change the way it treats data collected from sensors.
An expectation of security
“It’s not just in consumer security,” continues Young. “If I’m using technology or I’m delivering a service that’s leveraging technologies like cloud or connected devices and creating information about individuals or organisations through these connected devices then a consumer or enterprise is going to expect a level of security.”
Young sees three major ways that security is becoming more challenging for organisations; changing business models, a dynamic threat landscape and increasing complexity.
The latter point is the area that focuses many executive’s attention in Young’s experience with audiences he speaks to nominating complexity and fragmentation as their greatest concern.
“They get so many products and so many devices and so many tools and so much complexity they really don’t know, in so many cases, where to focus their efforts.”
Young cites Cisco’s Chief Security Officer, John Stewart, that the most fundamental security defense is getting the basics right.
Earlier this year at the release of the company’s 2014 security report, Stewart spoke to Networked Globe on how businesses are struggling with the complexity they face.
“Even the most sophisticated and well funded security teams are struggling to keep on top of what’s happening,” Stewart said.
The industrialisation of malware
This problem ties into the other areas that Young identifies, particularly the ‘industrialisation’ of the malware world.
“We have more well funded, more innovated, more determined adversaries than we’ve ever had as an industry.
“It used to be some high school kid in his room trying to infect a bunch of machines with viruses or some guy from Nigeria sending you an email asking you for a hundred bucks and he’ll give you a thousand bucks later.
“The world we live in today has nation states and criminal syndicates and very well funded, very sophisticated attackers so hacking has become an industrialised activity.” Young says, “here’s supply chains involved, there’s support agreements written; the bad guys will even sell each other a contract.”
Young’s views echo those of Sophos Labs’ Vice President Simon Reed who said last year that “now there’s money involved, there’s serious effort, the quality of malware has gone up.”
Part of the solution Young sees involves getting the community involved which is the motivation behind the Cisco Security Challenge announced last week.
“You can only just guess and imagine what all the different security challenges will look like in a world that’s just starting to get formed.”
“Let’s get the community involved in trying to solve some of the problems that we know are going to be inherently introduced by IoE.”