Cisco Execs: Security Needs Big-Time Overhaul For Internet Of Everything


By Cisco's own calculations, there will be 50 billion connected devices in use globally by 2020, embedded in cars, retail systems, refrigerators, home heating and cooling systems, and countless other things people use every day. In 10 years, Cisco thinks the market for what it calls the Internet Of Everything will be worth around $19 trillion.

But if Cisco's Internet Of Everything is to achieve such lofty heights, current security models for Internet infrastructure and transactions are going to have to be completely overhauled to safeguard all this data, two of Cisco's top executives said Thursday in a session at the RSA security conference in San Francisco.

In Cisco's Internet Of Everything, "every company becomes a tech company; therefore, every company must become a security company," Padmasree Warrior, chief technology and strategy officer at Cisco, said in the session.

[Related: Cisco On Its NFV Strategy: 'No One Else Comes Close']

With all of these connected devices, security vendors will have to change their models for controlling and managing data, not just for the devices themselves but also for the people using them, Christopher Young, senior vice president of Cisco's Security Business Group, said in the session.

"Clearly, we need to do security differently," Young said. Organizations will need greater visibility into their networks, better awareness of threats and an ability to act quickly when issues arise, Young said.

To get all of this, Cisco's Internet Of Everything will need something that resembles an air traffic control system, Young said. This includes moving from the current model of securing control points in the infrastructure to the transactions and who is connecting them, he said.

"It's about being able to see if something is going off course, or maybe a catastrophe is at hand," Young said. "It's the same with managing all the devices, apps, users and data in Internet Of Everything-oriented systems."

Warrior said open source will play a key role in letting enterprises ensure they're not pulling in malicious code when accessing enterprise data from the cloud. Earlier this week, Cisco unveiled Open App ID, an open-source initiative that invites developers to submit code via the company's Snort community forum.

With today's connected device systems, companies wouldn’t be able to keep track of all their users and the data traveling back and forth, Warrior said. Clearly, much work remains before Cisco's vision can become reality.

"That's the kind of awareness, in real time, we need to have," Warrior said.

PUBLISHED FEB. 28, 2014