06 IoT Sales Training Industrial Security Sales Motion

IoT Sales Training:
Industrial Security Solutions and Sales Plays

Learning Objectives
By the end of this topic, you will be able to:
• Identify new IoT opportunities in the Security

space and beyond
• Use Industrial Security Sales Plays to help close
more deals
• Drive customer success using Cisco products
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Identify customer challenges in the
OT space
• Review Cisco Security solutions
Topic Agenda • Summarize the key benefits of
Cisco Industrial Security solutions
• Execute on customer success in the
security space
Identifying Customer
Challenges
Industrial Digitization Increases the Attack Surface
TODAY TOMORROW
Traditional automation systems The Industrial Internet of Things
Energy, Manufacturing, SMART INDUSTRY
Transportation, Process Industries
SMART GRIDS SMART CITIES

INDUSTRY 4.0
DISTRIBUTED DEVICES
INTELLIGENT
BUILDINGS
Industrial Networks are New Targets for Hackers
7
Industrial Networks Are Not Designed for Security
What OT Professionals tell us What we see during assessments:
 Security patches not installed

Everything is fine!  Firmware uploaded over FTP without signature
My automation vendor has  Default credentials used to log into systems
very secure products…
 DNS queries to Amazon
 Unauthorized remote accesses by
subcontractors
 Decommissioned assets still connected
 OT network fully interconnected with IT
 Unnecessary network communications
 Windows XP, SMBv1
IT and OT Worlds are Converging
IT and OT Teams Have Different Requirements
OT
 Long to very long life-cycles

 Updates and patches hard to deploy
 Short life-cycles  Downtime to production lines are
 Updates and patches rolled out hard to schedule
consistently  Potential cybersecurity threats can
 Downtime is scheduled and accepted lead to physical injuries or damage to
 Potential cybersecurity threats are digital the plant
in nature
Ensure all relevant stakeholders are involved!

Technology Teams have Competing Requirements
OT Requirements IT Requirements
Business continuity Implement cyber security best

practices in industrial networks
Production system’s resilience
Enforce security policies across the
Safety of operations
extended enterprise
Compliance with regulations (NIS,
NERC CIP, etc.)
Need to align OT and IT experts to enable cybersecurity

Examples of Recent OT Attacks
2010 2017 What’s next ?
Stuxnet causes damages Ransomware attacks by This is still a relatively

to Iran’s nuclear Wannacry and NotPetya new domain compared to
program cause losses of more IT security and attacks
than $1B
2015 2019
Ukrainian power grid is Norsk Hydro is shut

attacked, and almost down because of
250k people are in the ransomware
dark
Reviewing Cisco’s IoT
Security Solutions
Developing IoT Opportunities with Three Paths
Context is Key with Industrial Devices
SecOps Security policies

lack implemented
context without context15
to industrial cause
processes downtime
Cisco Integrated Industrial Security Solution
Cisco Cyber Vision ISA 3000 Threat Response

Operational Insights & Threat Detection Industrial Firewall Investigation & Remediation
OT asset inventory Prevent propagation of threats Enable IT-SOC to investigate industrial

Track industrial processes with best of breed threats through integration with
Detect attempts to modify assets Industrial Protocol IPS/IDS Cyber Vision & ISA 3000
Powered by : the industry’s best threat intelligence
CiscothatCyber
Security Vision
scales with your network infrastructure
Cyber Vision Center
(Centralized Analytics)
Operational Insights Threat Detection

for OT for IT
Application
Flow
Sensor Sensor
Sensor Sensor
Sensor
IC3000 Industrial Compute Catalyst 9000 Series Switch

IE 3400 Switch IE 3400 Heavy Duty IR 1101 Gateway
Hardware-Sensor Network-Sensors
(SPAN based to support brownfield ) (Deep Packet Inspection built into network-elements eliminating the need for SPAN)
ISA3000 Industrial Security Appliance
Protect your industrial networks against increasingly complex threats
Benefit from industry- Leverage built-in, Streamline security policy and Detect, investigate, and remediate
leading, advanced comprehensive next- device management across your across IT-OT integrated security
threat intelligence generation IPS sites portfolio
Cisco Firepower Threat Defense technology packaged in a

ruggedized form factor built for OT use cases
Cisco Threat Response
Simple
Detect, investigate, and remediate
across multiple integrated security
technologies
Fast
Reduce time spent on investigations by
at least 50%*
Effective
Aggregate threat intelligence
into immediate action
…and it’s FREE with existing Cisco Security

licenses
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential *according to 60% of surveyed customers. TechValidate survey, June 2019
Cisco Talos Threat Intelligence
Cisco Talos Intelligence Group is one of the

largest commercial threat intelligence teams in the
world, comprised of world-class researchers,
analysts and engineers.
These teams are supported by unrivaled telemetry

and sophisticated systems to create accurate, rapid
and actionable threat intelligence for Cisco
customers, products and services.
Talos maintains the official rule sets

of Snort.org, ClamAV, and SpamCop, in addition Multiple sources contribute to Talos telemetry,
to releasing many open-source research and which in turn is utilized by Cisco IoT security
analysis tools. products to detect threats and prevent breaches
Cisco’s Industrial Security
Competitive Advantages
Visibility into your Network
Cyber Vision
Center
Sensor
Cyber Vision Sensors embedded into industrial

network equipment
Sensor Sensor
No additional hardware needed
ICS
Network
Application-Flow
No need for an out-of-band monitoring network
Sensor Sensor Sensor
Lightweight
Metadata
No impact on performance
Reduce TCO by eliminating the need to invest in an ever-growing SPAN collection network
Visibility
Security Deployed at Scale built into your
network infrastructure
Leverage OT budget for

1 industrial network
Eliminate the need for IT

2 to invest in and maintain
SPAN collection network
Single solution for SecOps

to monitor threats across
3 operational departments
Cisco Cyber Vision Understands Common Protocols
Cisco’s Deep Packet Inspection decodes standard and

proprietary industrial protocols
Industrial Cisco industrial
networking enables you
Application Sensor
Application
Flow to visually inspect the
activities in your
Sensor
Visibility industrial processes to

reduce downtime.
IE 3400 Switch IR 1101 Gateway
Cyber Vision Center
Gain Operational Insights
(Centralized analytics)
Dynamic communication map

Comprehensive asset inventory
Application
Flow
Sensor
Sensor
Detect changes in the control system
Sensor
Track variable changes
Network-Sensors
(Built in Deep Packet Inspection)
Cyber Vision Center
Tactical Troubleshooting Tool
(Centralized analytics)
New component Dell workstation

detected on the network
Component Dell workstation detected

Siemens 192.168.105.150 vulnerable to Windows SMB Remote
Code Execution CVE-2017-0145
Application New Communication detected from

Flow Dell workstation to S7-400 PLC
Sensor
PLC_3 S7-400 station_1
PLC_1
Sensor Stop CPU command detected from
Dell workstation to S7-400 PLC
Program Download detected from

Sensor
Dell workstation to S7-400 PLC
Dell 192.168.105.241 Siemens 192.168.105.75

New Variable access Detected from
S7-400 PLC to HMI 192.168.105.75
Network-Sensors
(Built in Deep Packet Inspection)
Extend Security Operations to OT Protect your industrial
processes with macro &
micro segmentation built into
the industrial network
Cisco Threat Response
Firepower
Enterprise Share context from the
ISE
SOC industrial network with the
enterprise SOC
Stealthwatch
Detect, investigate, and

Cyber Vision Center remediate across IT-OT
ISA integrated security
Firewall technologies
Industrial
Network Sensor
Reduce time spent on
Network
Sensors
investigations with common
aggregated threat intelligence
Access
Firewalls CMDB SOC
Control
ISE Firepower NGFW Threat Response
Cisco Cyber Vision

Integrates with
Existing Security
Platforms
© 2019
2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The Only Fully Integrated OT Security Solution
Cisco Cyber Vision
ICS Visibility & Detection
Cisco Firepower 2 2 Cisco ISE

Industrial Firewall Access Control
1 Application Data 1
2 OT Context
3 Security Policies 3 Cisco Industrial

3
Network
Deep Packet Inspection built into your Cisco Industrial Network
Cisco DNA-C Cisco Stealthwatch
Network Management Network Flow Analysis
IoT IoT Industrial IoT IoT

Switching Gateways Networking Wi-Fi Routing
Cisco Industrial Network Provides Visibility and Enforces Security Policy

Driving Customer Success
Involve all Stakeholders in the Buying Process
CSO IT OT
Security Leaders Network Managers Control Engineers
Chooses ICS Tasked with Must Approve what gets

Security Solution Deploying Solution deployed
Choice of security solution impacts all stakeholders
Meeting Stakeholder Needs
OT IT CSO
Reduce downtime with Reduce TCO by eliminating the Protect your business against
Operational insights that help need to invest in an ever- threats with the strongest suite
track of activities in your growing SPAN collection of industrial application aware
industrial process network integrated security solutions
The bridge between the enterprise and the line of business
Bring Cisco Scale and Simplicity to IIoT Security
Cisco Industrial Cisco Cisco Cisco

Networks Security Validated Designs Customer Services
Connect anything Comprehensive IT/OT State-of-the-art Human skills to
anywhere cybersecurity architecture guides enable deployments
All working together for successful Industrial IoT security deployments

Topic Summary
This topic showed you how to:
• Identify new IoT opportunities in the Security

space and beyond
• Use Industrial Security Sales Plays to help close
more deals
• Drive customer success using Cisco products
Thank you!

06 IoT Sales Training Industrial Security Sales Motion

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

06 IoT Sales Training Industrial Security Sales Motion

Uploaded by

Copyright:

Available Formats

IoT Sales Training:

Industrial Security Solutions and Sales Plays

By the end of this topic, you will be able to:

• Identify new IoT opportunities in the Security

Energy, Manufacturing, SMART INDUSTRY

Transportation, Process Industries

SMART GRIDS SMART CITIES

What OT Professionals tell us What we see during assessments:

 Security patches not installed

 Long to very long life-cycles

Ensure all relevant stakeholders are involved!

Business continuity Implement cyber security best

Need to align OT and IT experts to enable cybersecurity

2010 2017 What’s next ?

Stuxnet causes damages Ransomware attacks by This is still a relatively

Ukrainian power grid is Norsk Hydro is shut

SecOps Security policies

Cisco Cyber Vision ISA 3000 Threat Response

OT asset inventory Prevent propagation of threats Enable IT-SOC to investigate industrial

Powered by : the industry’s best threat intelligence

Operational Insights Threat Detection

IC3000 Industrial Compute Catalyst 9000 Series Switch

Cisco Firepower Threat Defense technology packaged in a

…and it’s FREE with existing Cisco Security

Cisco Talos Intelligence Group is one of the

These teams are supported by unrivaled telemetry

Talos maintains the official rule sets

Cyber Vision Sensors embedded into industrial

Leverage OT budget for

Eliminate the need for IT

Single solution for SecOps

Cisco’s Deep Packet Inspection decodes standard and

Visibility industrial processes to

Dynamic communication map

New component Dell workstation

Component Dell workstation detected

Application New Communication detected from

Program Download detected from

Dell 192.168.105.241 Siemens 192.168.105.75

Detect, investigate, and

ISE Firepower NGFW Threat Response

Cisco Cyber Vision

Cisco Firepower 2 2 Cisco ISE

3 Security Policies 3 Cisco Industrial

IoT IoT Industrial IoT IoT

Cisco Industrial Network Provides Visibility and Enforces Security Policy

Chooses ICS Tasked with Must Approve what gets

Choice of security solution impacts all stakeholders

The bridge between the enterprise and the line of business

Cisco Industrial Cisco Cisco Cisco

All working together for successful Industrial IoT security deployments

This topic showed you how to:

• Identify new IoT opportunities in the Security

You might also like