|
|
This video is part of the appearance, “Cisco Cloud Networking Presents at Tech Field Day Extra at Cisco Live EMEA“. It was recorded as part of Tech Field Day Extra at Cisco Live EMEA 2024 at 13:00-15:00 on February 7, 2024.
Watch on YouTube
Watch on Vimeo
Andrew McPhee, a solution manager for industrial security at Cisco, discusses how Cisco Cyber Vision and Cisco Secure Equipment Access can assist with NIS2 compliance. NIS2 is a European standard that mandates cybersecurity measures for critical industries. Andrew explains the importance of NIS2 as a forcing factor for industries to implement security measures, which apply to a wide range of industrial verticals.
He highlights the need to understand the risk profile of devices on a network, manage supply chain security, handle vulnerabilities, and implement access control policies, including multi-factor authentication. Andrew emphasizes the role of Cisco Cyber Vision for deep packet inspection and asset visibility in operational technology (OT) environments, which helps assess vulnerabilities and risks. He also discusses Cisco Secure Equipment Access for remote access, moving towards a Zero Trust Network Access (ZTNA) model.
Andrew demonstrates Cisco’s IoT Operations Dashboard, which facilitates secure remote access to network devices and systems. He explains how the dashboard can be used for both clientless and client-based access, with features like session recording and scheduled access for vendors. The demonstration includes an overview of Duo, Cisco’s multi-factor authentication platform, and how it integrates with Secure Equipment Access for identity verification and policy enforcement.
Next, Andrew presents Cisco Cyber Vision, which provides a risk analysis of OT networks through passive monitoring and deep packet inspection. Cyber Vision can detect changes in the network, create baselines, and generate security reports. It can also integrate with Cisco’s Identity Services Engine (ISE) to implement segmentation based on the zones and conduits model from the IEC 62443 standard. He explains how Cyber Vision can share information with ISE to assign devices to security groups and enforce policies.
Throughout the discussion, Andrew addresses questions from the audience regarding the capabilities, integrations, and potential applications of the technologies presented. He clarifies how Cisco’s solutions can be adapted to various network architectures and the benefits of implementing security group tags for macro and micro-segmentation in industrial networks.
Personnel: Andrew McPhee