Cisco to acquire IoT security firm Sentryo
June 12, 2019
Cisco plans to acquire French IoT security company Sentryo to provide automated device visibility and protection for OT assets.
As organisations digitise, they are connecting their operational technology (OT) environments, containing a wide array of sensor and devices, to the enterprise IT networks. According to a recent report by ZK Research 55% have no or low confidence that they know all devices in their network. Moreover, the devices in OT were never built with security in mind.
These are devices such as programmable logic controllers (PLCs), which are commonly used to control a process such as oil refining or a manufacturing line, and remote terminal units (RTUs) that tend to be outside the building in a remote area, such as an electric utility substation.
“With these IoT devices lacking modern embedded software and security capabilities, segmentation will be the key technology to allow communication from operational assets to the rightful systems, and reduce risk of cyber security incidents like we saw with WannaCry and Norsk Hydro,” said Liz Centoni, senior vice president of Cisco’s IoT business group.
She said the acquisition would help Cisco customers with three problems:
- Visibility: Network enabled passive deep packet inspection (DPI) capabilities to discover IoT and OT assets, and establish the communication patterns between devices and systems. Sentryo’s sensor is natively deployable on Cisco’s IOx framework; it can be built into the industrial network these devices run on instead of adding additional hardware. Sentryo should add value for Cisco customers including those operating industrial control systems in oil and gas, electric utilities, building automation, mining operations, and chemical processing facilities.
- Segmentation: As the device identification and communications patterns are created, Cisco will integrate this with DNA Center and the ISE identity services engine to let its customers easily define segmentation policy and specific actions. This integration should allow OT teams to leverage the IT security teams expertise to secure their environments, without risk to the operational processes.
- Operations: For OT users, Sentryo also provides operational visibility such as PLC start-stop, operational events, as well as programming changes being made to PLCs, RTUs and other industrial devices. With these capabilities OT can improve uptimes and production yields, improve safety, and maintain a robust cyber security posture.
In May this year, Frost & Sullivan awarded Sentryo the 2019 Europe Customer Value Leadership Award for helping companies secure their OT networks and industrial IoT systems. Sentryo’s ICS CyberVision product offers control engineers and cyber-security professionals visibility into their industrial assets and technologies such as AI and machine learning to deliver high-level cyber-resilience for ICS and scada networks.
“Sentryo brings innovative technologies to this new market of industrial cyber security,” said Nandini Natarajan, industry analyst at Frost & Sullivan. “It also focuses on building strong relationships with customers to help them build and run their OT cyber-security project. The ICS CyberVision platform comes in various configurations designed to match the maturity of each customer and can be deployed by leading system integrators around the world. Sentryo also offers a threat intelligence service to raise customers’ knowledge on OT cyber security and organises regular workshops and webinars for customers to share best practices.”
Natarajan said at the time that Sentryo was expected to grow faster than the industry, expand its global footprint and emerge a highly competitive player.