Duncan Purves, profile picture
Uploaded byDuncan Purves
545 views

Industry 4.0 Security

The document discusses several challenges in securing industrial networks for Industry 4.0, including enabling internet connectivity, legacy vulnerable devices, and the need for remote access. It describes moving networks from proprietary and isolated "islands" to a converged plantwide network with flexible multi-service platforms. The document provides an example of applying network standards and designs to segment a legacy machine tools network. It emphasizes that defining security policies requires network visibility and moving through stages from blind monitoring to segmentation and enforcement.

Embed presentation

Downloaded 22 times
Stuart Traynor Technical Specialist - Manufacturing 13th November Industry 4.0 Security Evolution of Factory Security for Industry 4.0
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Agenda • Challenges in securing Industry 4.0 • Standards for ICS systems • Legacy machine tools example • Policy based IoT security
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential • Enabling internet connectivity to the OT environment • New attack vector • Potentially leveraging the same network as the automation, traditionally air-gapped • Sometimes no automation network in place and leveraging the standard enterprise network
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential • Move towards IoT cloud platforms and other cloud services including MES, the shop floor needs to support this transition • Shop floors have traditionally legacy devices e.g. PLC’s, Windows XP/7 or older devices which are vulnerable • Need for remote access to systems from external vendors, partners etc. • Networks are segmented in a static fashion, making changes complex, costly and slow e.g. moving a networked machine can take many weeks / months. Other common challenges to security from Industry 4.0
Cisco Confidential 5© 2016 Cisco and/or its affiliates. All rights reserved. Starting Point: Proprietary Serial Islands Unmanaged, unconverged Ethernet Converged Plantwide Network Flexible, Multi-Service Platform • Still siloed • No security • Individual OEM networking • Converge siloed networks • Static environment • Typically air-gapped networks • Industry 4.0 • Cloud/Edge Computing • Software Defined Factories • Enterprise wide security policy Everyone’s at a different stage on the journey Phase 1 Phase 2 Phase 3
Cisco Confidential 6© 2016 Cisco and/or its affiliates. All rights reserved. What is Converged Plantwide Network? The basis of the Connected Factory “CPwE is co-owned Solution Architecture created jointly by Cisco and Rockwell Automation to architect IP from the Enterprise level down to the Operational cell/zone level within the manufacturing plant floor. CPwE solution is designed specifically for industrial Ethernet applications.” The CVD (Cisco Validated Design) is a 700 page design and best practice guide for Engineering IP at the Cell/Zone level and interworking to the Enterprise https://www.cisco.com/c/en/us/solutions/enterprise/design-zone- manufacturing/landing_ettf.html
Cisco Confidential 7© 2016 Cisco and/or its affiliates. All rights reserved. Industrial Network Convergence Enterprise Zone DMZ Manufacturing Zone Cell/Area Zone Demilitarized Zone — Shared Access Enterprise Network Level 5 Site Business Planning and Logistics Network Level 4 Site Manufacturing Operations and Control Level 3 Area Control Level 2 Basic Control Level 1 Process Level 0 • Levels – ISA 95, Purdue • Zones – IEC 62443, NIST 800- 82, ICS-CERT
Sensors Cell/Area Zone Levels 0–2 Layer 2 Access The Legacy machine tools example Drive Controller HMI Distributed I/O VLAN 10 - automation VLAN 20 - sensors Gateways • Remote access • Industrial specific security • Network Segmentation • Control network and IoT connectivity • Policy based routing • Data encryption • Secure cloud connectivity Manufacturing Zone/ Demilitarized zone Level 3 Distribution and Core Enterprise Levels 4–5 A fairly straight forward application of the standards and designs
Firewall (Active) Firewall (Standby) Application Servers Network Services Patch Management Terminal Services Application Mirror AV Server Cell/Area #1 (Redundant Star Topology) Drive Controller HMI Distributed I/O Controller DriveDrive HMI Distributed I/O HMI Cell/Area #2 (Ring Topology) Cell/Area #3 (Linear Topology) Layer 2 Access Switch Controller Cell/Area Zone Levels 0–2 Layer 2 Access Manufacturing Zone Level 3 Distribution and Core Demilitarized Zone (DMZ) Firewalls Enterprise Network Levels 4–5 Web Apps DNS FTP Scaling out…
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The next step on the journey…
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Defining Security Policies without Visibility is Complex Security Platforms C a m e r a P r i n t e r L a p t o p P h o n e ? ? ? ? ? ? ? ? ? ? Enterprise Assets Industrial Assets
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential • Many controls teams view segmentation and enforcement as a hindrance to operations • Maybe bitten in the past by IT actions disrupting production • You need to explain to them how segmentation increases reliability in addition to security, as they do care about reliability • Most importantly, in many cases, their networks are not ready, poorly architected, and process/people are not in place to consume a sophisticated security solution Moving towards a policy Blind Monitor / Baseline Segment Enforce
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Manufacturer Usage Descriptions Work on Standards?
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential IoT Device Business Challenges Device Visibility Intent-based Policy Standard based Do you know devices well enough to differentiate service? Does customer knows behavior of devices to build their policy? Is there any industry standard way of connecting IoT devices to enterprise network? 14
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential • The needs of the automation and operations networks are changing • Everyone's at a different stage of the journey • Start to look at your automation network, how do you prepare it for Industry 4.0 • There's validated designs and guidance for all kinds of scale • Visibility of what's on the network and security policy is going to become key Summary

More Related Content

PDF
Datacenter Strategy, Design, and Build
byChristopher Kelley
 
PPTX
Industry 4.0 – the German vision for advanced manufacturing
byVinnova
 
PDF
Introduction to IOT & Smart City
byDr. Mazlan Abbas
 
PDF
Smart manufacturing and a iot
byDaniel Li
 
PPTX
India industry 4.0
byWg Cdr Jayesh C S PAI
 
PPT
Digital Twin: Starting the journey
byIBM Internet of Things
 
PPTX
Internet of things
byVikrant Negi
 
PPT
Datacenter
byArindam Pal
 
Datacenter Strategy, Design, and Build
byChristopher Kelley
 
Industry 4.0 – the German vision for advanced manufacturing
byVinnova
 
Introduction to IOT & Smart City
byDr. Mazlan Abbas
 
Smart manufacturing and a iot
byDaniel Li
 
India industry 4.0
byWg Cdr Jayesh C S PAI
 
Digital Twin: Starting the journey
byIBM Internet of Things
 
Internet of things
byVikrant Negi
 
Datacenter
byArindam Pal
 

What's hot

PPT
Internet of Things and its applications
byPasquale Puzio
 
PPTX
Advanced Industrial IoT, IIoT Training Crash Course For You - Tonex Training
byBryan Len
 
PPTX
IoT and its Applications
byAbdulla Shaheen
 
PPTX
iot seminar topic
byKuldeep Suthar
 
PPTX
IoT Security, Threats and Challenges By V.P.Prabhakaran
byKoenig Solutions Ltd.
 
PDF
Introduction to IoT Architectures and Protocols
byAbdullah Alfadhly
 
PDF
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
byCableLabs
 
PDF
Security challenges in IoT
byVishnupriya T H
 
PPTX
NIST Cloud Computing Reference Architecture
byThanakrit Lersmethasakul
 
PDF
IoT Security Challenges and Solutions
byIntel® Software
 
PPTX
Internet of Things (IoT) - Introduction ppt
bysutrishnakar1995
 
PPTX
Fog computing
byHari Priyanka
 
PPSX
Cloud computing ppt by Binesh
byBinesh
 
PPTX
Industry 4.0 and India
byKshitij Thosar
 
PPTX
IoT-Enabled Predictive Maintenance
byCloudera, Inc.
 
PDF
Industry 4.0 and sustainable energy
byBayu imadul Bilad
 
PPTX
Challenges and application of Internet of Things
byAshutosh Bhardwaj
 
PDF
Industry 4.0: Merging Internet and Factories
byFabernovel
 
PDF
Next IIoT wave: embedded digital twin for manufacturing
byIRS srl
 
PDF
Fog computing in IoT
bysreelesh balan
 
Internet of Things and its applications
byPasquale Puzio
 
Advanced Industrial IoT, IIoT Training Crash Course For You - Tonex Training
byBryan Len
 
IoT and its Applications
byAbdulla Shaheen
 
iot seminar topic
byKuldeep Suthar
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
byKoenig Solutions Ltd.
 
Introduction to IoT Architectures and Protocols
byAbdullah Alfadhly
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
byCableLabs
 
Security challenges in IoT
byVishnupriya T H
 
NIST Cloud Computing Reference Architecture
byThanakrit Lersmethasakul
 
IoT Security Challenges and Solutions
byIntel® Software
 
Internet of Things (IoT) - Introduction ppt
bysutrishnakar1995
 
Fog computing
byHari Priyanka
 
Cloud computing ppt by Binesh
byBinesh
 
Industry 4.0 and India
byKshitij Thosar
 
IoT-Enabled Predictive Maintenance
byCloudera, Inc.
 
Industry 4.0 and sustainable energy
byBayu imadul Bilad
 
Challenges and application of Internet of Things
byAshutosh Bhardwaj
 
Industry 4.0: Merging Internet and Factories
byFabernovel
 
Next IIoT wave: embedded digital twin for manufacturing
byIRS srl
 
Fog computing in IoT
bysreelesh balan
 

Similar to Industry 4.0 Security

PPTX
Cisco Impresa40 - Trends, Vision, Solutions
byMatteo Masi
 
PDF
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
byCisco Canada
 
PDF
Mfg workshop security
byRobert Albach
 
PPTX
Discrete MFG IoT Factory of the Future
byMainstay
 
PDF
Internet of things
byRoutecoMarketing
 
DOCX
Cisco Connected Manufacturing
byFranco Ferrario
 
PDF
El IoT y la gestión de las empresas del futuro, IGNASI ERRANDO, CISCO
byDomotys
 
PDF
Unified industrial wireless networks (cisco)
byLuis Atencio
 
PDF
Introduction to IoT Unit CASE STUDIES/INDUSTRIAL APPLICATIONS- V.pdf
bygirishgandhi4
 
PDF
Transformation From Today To Tomorrow - Market and Product Strategy 2018
byJiunn-Jer Sun
 
PPTX
Building converged plantwide ethernet architectures
byIntelligentManufacturingInstitute
 
PPTX
Deploy Secure Network Architectures for The Connected Enterprise
byRockwell Automation
 
PDF
Building the Internet of Everything
byCisco Canada
 
PDF
101 Use Cases for IoT
byCisco Canada
 
PDF
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet Architectures
byRockwell Automation
 
PPTX
CyberSecurity Best Practices for the IIoT
byCreekside Marketing Group, LLC
 
PPTX
Building Converged Plantwide Ethernet
byRockwell Automation
 
PDF
Steps to Scale Internet of Things (IoT)
byRafael Maranon
 
PDF
Routeco cyber security and secure remote access 1 01
byRoutecoMarketing
 
PDF
Cisco data analytics in ioe_rajiv niles_2015 nov
byCiscoKorea
 
Cisco Impresa40 - Trends, Vision, Solutions
byMatteo Masi
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
byCisco Canada
 
Mfg workshop security
byRobert Albach
 
Discrete MFG IoT Factory of the Future
byMainstay
 
Internet of things
byRoutecoMarketing
 
Cisco Connected Manufacturing
byFranco Ferrario
 
El IoT y la gestión de las empresas del futuro, IGNASI ERRANDO, CISCO
byDomotys
 
Unified industrial wireless networks (cisco)
byLuis Atencio
 
Introduction to IoT Unit CASE STUDIES/INDUSTRIAL APPLICATIONS- V.pdf
bygirishgandhi4
 
Transformation From Today To Tomorrow - Market and Product Strategy 2018
byJiunn-Jer Sun
 
Building converged plantwide ethernet architectures
byIntelligentManufacturingInstitute
 
Deploy Secure Network Architectures for The Connected Enterprise
byRockwell Automation
 
Building the Internet of Everything
byCisco Canada
 
101 Use Cases for IoT
byCisco Canada
 
RA TechED 2019 - NT03 - Building Converged Plantwide Ethernet Architectures
byRockwell Automation
 
CyberSecurity Best Practices for the IIoT
byCreekside Marketing Group, LLC
 
Building Converged Plantwide Ethernet
byRockwell Automation
 
Steps to Scale Internet of Things (IoT)
byRafael Maranon
 
Routeco cyber security and secure remote access 1 01
byRoutecoMarketing
 
Cisco data analytics in ioe_rajiv niles_2015 nov
byCiscoKorea
 

More from Duncan Purves

PDF
Supporting Elderly Independent Living with IOT devices
byDuncan Purves
 
PDF
The Internet of Trees (IoTr) and is the IoT really sustainable?
byDuncan Purves
 
PDF
Insights into the IoT market
byDuncan Purves
 
PDF
Meeting the NIS Directive with Distributed Ledgers
byDuncan Purves
 
PDF
Extending the reach of IoT to address global scale challenges
byDuncan Purves
 
PDF
Smart Cities: A new development
byDuncan Purves
 
PDF
Can you trust your smart building
byDuncan Purves
 
PDF
Saving lives on British Railways with IQRF
byDuncan Purves
 
PDF
5G and Connected Communities
byDuncan Purves
 
PDF
AWS IoT and Alexa in the connected home
byDuncan Purves
 
PDF
PSA Certified – building trust in IoT
byDuncan Purves
 
PDF
Smart City Challenge calls
byDuncan Purves
 
PDF
Vodafone's NB-IoT Rollout
byDuncan Purves
 
PDF
Are you prepared for R&D funding
byDuncan Purves
 
PDF
Thames Valley Berkshire Smart City Cluster Challenge
byDuncan Purves
 
PDF
World Bee Project - The Connected Hive & The Future of Farming
byDuncan Purves
 
PDF
Bridging the gap between hardware and the cloud
byDuncan Purves
 
PDF
Cyber Academic Startup Accelerator Programme
byDuncan Purves
 
PDF
Digital buildings
byDuncan Purves
 
PDF
The University of Sheffield AMRC
byDuncan Purves
 
Supporting Elderly Independent Living with IOT devices
byDuncan Purves
 
The Internet of Trees (IoTr) and is the IoT really sustainable?
byDuncan Purves
 
Insights into the IoT market
byDuncan Purves
 
Meeting the NIS Directive with Distributed Ledgers
byDuncan Purves
 
Extending the reach of IoT to address global scale challenges
byDuncan Purves
 
Smart Cities: A new development
byDuncan Purves
 
Can you trust your smart building
byDuncan Purves
 
Saving lives on British Railways with IQRF
byDuncan Purves
 
5G and Connected Communities
byDuncan Purves
 
AWS IoT and Alexa in the connected home
byDuncan Purves
 
PSA Certified – building trust in IoT
byDuncan Purves
 
Smart City Challenge calls
byDuncan Purves
 
Vodafone's NB-IoT Rollout
byDuncan Purves
 
Are you prepared for R&D funding
byDuncan Purves
 
Thames Valley Berkshire Smart City Cluster Challenge
byDuncan Purves
 
World Bee Project - The Connected Hive & The Future of Farming
byDuncan Purves
 
Bridging the gap between hardware and the cloud
byDuncan Purves
 
Cyber Academic Startup Accelerator Programme
byDuncan Purves
 
Digital buildings
byDuncan Purves
 
The University of Sheffield AMRC
byDuncan Purves
 

Recently uploaded

PDF
BEP-20 Token on BNB Chain: From Concept to Deployment.pdf
byimoliviabennett
 
PDF
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
 
PDF
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
PDF
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
PDF
Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]
byHaim Michael
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
PDF
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
PDF
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
GenerationAI Paris 2025 | How Agentic AI is Reinventing Organizations
byapidays
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PDF
AI for Risk Management & Fraud Detection ppt.pdf
byalexmartincaneda
 
PPTX
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isn’t really...
byapidays
 
PPTX
Working Session — Build a Document Understanding Automation Using an OOTB ML ...
byDianaGray10
 
BEP-20 Token on BNB Chain: From Concept to Deployment.pdf
byimoliviabennett
 
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
Designing a Blog Using Wordpress
bymarkzubi50
 
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]
byHaim Michael
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
GenerationAI Paris 2025 | How Agentic AI is Reinventing Organizations
byapidays
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
AI for Risk Management & Fraud Detection ppt.pdf
byalexmartincaneda
 
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isn’t really...
byapidays
 
Working Session — Build a Document Understanding Automation Using an OOTB ML ...
byDianaGray10
 

Industry 4.0 Security

  • 1.
    Stuart Traynor Technical Specialist- Manufacturing 13th November Industry 4.0 Security Evolution of Factory Security for Industry 4.0
  • 2.
    © 2018 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Agenda • Challenges in securing Industry 4.0 • Standards for ICS systems • Legacy machine tools example • Policy based IoT security
  • 3.
    © 2018 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential • Enabling internet connectivity to the OT environment • New attack vector • Potentially leveraging the same network as the automation, traditionally air-gapped • Sometimes no automation network in place and leveraging the standard enterprise network
  • 4.
    © 2018 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential • Move towards IoT cloud platforms and other cloud services including MES, the shop floor needs to support this transition • Shop floors have traditionally legacy devices e.g. PLC’s, Windows XP/7 or older devices which are vulnerable • Need for remote access to systems from external vendors, partners etc. • Networks are segmented in a static fashion, making changes complex, costly and slow e.g. moving a networked machine can take many weeks / months. Other common challenges to security from Industry 4.0
  • 5.
    Cisco Confidential 5©2016 Cisco and/or its affiliates. All rights reserved. Starting Point: Proprietary Serial Islands Unmanaged, unconverged Ethernet Converged Plantwide Network Flexible, Multi-Service Platform • Still siloed • No security • Individual OEM networking • Converge siloed networks • Static environment • Typically air-gapped networks • Industry 4.0 • Cloud/Edge Computing • Software Defined Factories • Enterprise wide security policy Everyone’s at a different stage on the journey Phase 1 Phase 2 Phase 3
  • 6.
    Cisco Confidential 6©2016 Cisco and/or its affiliates. All rights reserved. What is Converged Plantwide Network? The basis of the Connected Factory “CPwE is co-owned Solution Architecture created jointly by Cisco and Rockwell Automation to architect IP from the Enterprise level down to the Operational cell/zone level within the manufacturing plant floor. CPwE solution is designed specifically for industrial Ethernet applications.” The CVD (Cisco Validated Design) is a 700 page design and best practice guide for Engineering IP at the Cell/Zone level and interworking to the Enterprise https://www.cisco.com/c/en/us/solutions/enterprise/design-zone- manufacturing/landing_ettf.html
  • 7.
    Cisco Confidential 7©2016 Cisco and/or its affiliates. All rights reserved. Industrial Network Convergence Enterprise Zone DMZ Manufacturing Zone Cell/Area Zone Demilitarized Zone — Shared Access Enterprise Network Level 5 Site Business Planning and Logistics Network Level 4 Site Manufacturing Operations and Control Level 3 Area Control Level 2 Basic Control Level 1 Process Level 0 • Levels – ISA 95, Purdue • Zones – IEC 62443, NIST 800- 82, ICS-CERT
  • 8.
    Sensors Cell/Area Zone Levels 0–2 Layer2 Access The Legacy machine tools example Drive Controller HMI Distributed I/O VLAN 10 - automation VLAN 20 - sensors Gateways • Remote access • Industrial specific security • Network Segmentation • Control network and IoT connectivity • Policy based routing • Data encryption • Secure cloud connectivity Manufacturing Zone/ Demilitarized zone Level 3 Distribution and Core Enterprise Levels 4–5 A fairly straight forward application of the standards and designs
  • 9.
    Firewall (Active) Firewall (Standby) Application Servers Network Services PatchManagement Terminal Services Application Mirror AV Server Cell/Area #1 (Redundant Star Topology) Drive Controller HMI Distributed I/O Controller DriveDrive HMI Distributed I/O HMI Cell/Area #2 (Ring Topology) Cell/Area #3 (Linear Topology) Layer 2 Access Switch Controller Cell/Area Zone Levels 0–2 Layer 2 Access Manufacturing Zone Level 3 Distribution and Core Demilitarized Zone (DMZ) Firewalls Enterprise Network Levels 4–5 Web Apps DNS FTP Scaling out…
  • 10.
    © 2017 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential The next step on the journey…
  • 11.
    © 2017 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential Defining Security Policies without Visibility is Complex Security Platforms C a m e r a P r i n t e r L a p t o p P h o n e ? ? ? ? ? ? ? ? ? ? Enterprise Assets Industrial Assets
  • 12.
    © 2018 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential • Many controls teams view segmentation and enforcement as a hindrance to operations • Maybe bitten in the past by IT actions disrupting production • You need to explain to them how segmentation increases reliability in addition to security, as they do care about reliability • Most importantly, in many cases, their networks are not ready, poorly architected, and process/people are not in place to consume a sophisticated security solution Moving towards a policy Blind Monitor / Baseline Segment Enforce
  • 13.
    © 2018 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Manufacturer Usage Descriptions Work on Standards?
  • 14.
    © 2018 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential IoT Device Business Challenges Device Visibility Intent-based Policy Standard based Do you know devices well enough to differentiate service? Does customer knows behavior of devices to build their policy? Is there any industry standard way of connecting IoT devices to enterprise network? 14
  • 15.
    © 2018 Ciscoand/or its affiliates. All rights reserved. Cisco Confidential • The needs of the automation and operations networks are changing • Everyone's at a different stage of the journey • Start to look at your automation network, how do you prepare it for Industry 4.0 • There's validated designs and guidance for all kinds of scale • Visibility of what's on the network and security policy is going to become key Summary