BRKSEC-3005 – An IoT Security Model for Securing IT-OT Assets

Presenter: Jeff Schutt – Cybersecurity Solutions Architect (Jeff works in Adv Services in the IoT team)

Full Title: An IoT Security Model & Architecture for Securing Cyber-Physical and IT-OT Converged Assets

Mix of IT/OT folks in the room. 

How do we do physical security?

  • Protect the perimeter
  • Detect breaches
  • Situational awareness (<< THIS!)
  • Forensics

How do we do cybersecurity?

  • Same principles!
  • Just different tools

IT landscape

  • Systems approach
  • Requirements dominated by business data focus
  • Time horizon: driven by Moore’s law and high tech product cycles
  • Scale: 1000s
  • Security: built into protocols (IPsec, TLS)

OT landscape

  • Requirements dominated by needs of physical systems
  • Time horizon driven by capital equipment life; complete lifecycle determined and managed by engineers
  • Scale: few; 10s – 100s
  • Security: No access to outside systems; insecure protocols

With IT and OT convergence, ther’s no way people are going to lose their jobs. We all have too much to do for anyone to be redundant. Additionally, there is a well-known shortage of skilled workers in this area.

Security awareness and training: a combination of people, process, and technology.

“Airgap security” does not address “people, process and technology”. Airgap is NOT security (on its own). Airgap is not Continue reading

Facebook letting more stores ping your phone when you’re inside

You might find yourself browsing more than the shelves at your local store, if Facebook knows you’re there. It’s expanding a location-aware program that will let businesses pop information into the top of your news feed.Place Tips lets brick-and-mortar stores send information to people’s News Feeds, by sensing where customers are through Bluetooth beacons. Facebook began piloting the program earlier this year among just a handful of businesses in New York; now the social network is opening it to small and midsize businesses across the U.S.The program publishes content from the business’s Facebook page, and posts from users’ friends about the business, to the top of people’s News Feeds while they’re at the company’s location. The goal is to give customers more information about the place, or see what their friends think of it, while giving the business increased prominence in the popular app.To read this article in full or to leave a comment, please click here

Apple replaces Passbook with Wallet as Apple Pay expands to U.K.

Apple Pay was designed to replace your physical wallet, and with iOS 9, Apple is uniting Apple Pay and Passbook under a new umbrella called, appropriately, Wallet. Announced during Apple's Worldwide Developers Conference keynote Monday, the new app will replace Passbook, but function in the same way: You’ll still store your concert tickets in Wallet alongside your Apple Pay card information. Your rewards cards for stores like Kohl’s and JCPenney will also hang out in Wallet, because Apple Pay will start supporting retail loyalty programs this fall.To read this article in full or to leave a comment, please click here

Apple Music turns iTunes into a streaming service

Apple to Spotify: We’ll take it from here. Apple’s long-awaited new streaming-music service, Apple Music, isn’t just a shot at the dominant player, which has 60 million active users. The new app challenges the way people get songs from Apple itself, which has long placed a high premium on its iTunes digital download storefront and emphasized how that platform revolutionized the music industry. Apple’s new service, unveiled during Monday’s keynote at the company’s annual Worldwide Developers Conference, takes iTunes to the next level by making 30 million of the expansive catalog’s songs streamable. That’s millions of songs on demand, right alongside the music you already own. You can comb through the iTunes catalog to find tracks you like or want to save for later.To read this article in full or to leave a comment, please click here

BRKIOT-2109 – Connecting Oil & Gas Pipelines

Presenter: Konrad Reszka, IoT Vertical Solutions Group Engineering Lead

Given a chance, how many people in this room would volunteer to be a meteorologies in San Diego?


Inflection point between 2009 and 2010 where the number of connected devices began to out number the connected people. 50 billion “things” by 2020. And this doesn’t include phones and tablets. It’s other smart devices.

Shift in dominant endpoints: from consumers (people) to devices (like sensors and such). This shift demands changes in the network to support this growth.

Cisco + Schneider Electric joint functional reference model for connected pipelines.

  • Modular approach
  • Pick the pieces you want
  • ISA99 model
  • Modern approach, such as virtualization
  • Forthcoming reference model with Cisco + Rockwell

Isolate your enterprise network from the operations network.

  • Industrial DMZ at level 3.5 (in the ISA99 model)
  • “Pull the plug” if need be and airgap the OT network from the enterprise network
  • Makes compliance/audits esier

In the erm… pipeline:

  • Connected Pipelines Cisco Validated Design
  • Schneider Electric TVDA (their version of a CVD)
  • Both docs are being co-written by Cisco and Schneider

Had to leave session halfway through due to an overlapping MtE session.

Copyright Joel Knight. All Rights Reserved.
www.packetmischief.ca

Apple to open source Swift programming language

Apple Apple brought out the big guns, from CEO Tim Cook to musical performer Drake, but perhaps the loudest reaction at the company's Worldwide Developers' Conference Monday in San Francisco resulted from news that the Swift programming language is being open sourced."We think Swift is the next big programming language, the one that we'll all be doing application and system programming on for 20 years to come," said Craig Federighi, Apple's senior vice president of software engineering who in addition to discussing Swift introduced Apple's iOS 9 developments. To read this article in full or to leave a comment, please click here

Apple shows iOS 9’s major upgrades, from multitasking to picture-in-picture

Major changes are coming to our iPads, from the way we select text, to the way we interact with our favorite apps and play videos.Speaking at Apple's Worldwide Developer Conference on Monday, Senior Vice President Craig Federighi showcased an updated version of iOS 9 that included a few new features designed specifically with tablet users in mind.MORE FROM WWDC: Apple's El Capitan OS X 10.11 to bring natural language search, other enhancementsLet’s start with QuickType, an enhancement to the iPad’s onscreen keyboard that includes new shortcuts and turns into a trackpad when you place two fingers on it. The trackpad can be used to select text, move objects around, and generally combine the convenience of touch controls and the precision of a mouse.To read this article in full or to leave a comment, please click here

Apple shows iOS 9’s major upgrades, from multitasking to picture-in-picture

Major changes are coming to our iPads, from the way we select text, to the way we interact with our favorite apps and play videos.Speaking at Apple's Worldwide Developer Conference on Monday, Senior Vice President Craig Federighi showcased an updated version of iOS 9 that included a few new features designed specifically with tablet users in mind.MORE FROM WWDC: Apple's El Capitan OS X 10.11 to bring natural language search, other enhancementsLet’s start with QuickType, an enhancement to the iPad’s onscreen keyboard that includes new shortcuts and turns into a trackpad when you place two fingers on it. The trackpad can be used to select text, move objects around, and generally combine the convenience of touch controls and the precision of a mouse.To read this article in full or to leave a comment, please click here

Most SDN OpEx benefits can be realized by automating existing use cases, Cisco says

As Senior Director of Technical Marketing and Solutions Engineering at Cisco, Frank D’Agostino leads the development and technical go-to-market strategy for Cisco’s Application Centric Infrastructure (ACI), the company’s portfolio of Software Defined Networking tools. Network World Editor in Chief John Dix recently spoke with D’Agostino about what the company is learning as customers adopt SDN. (D’Agostino was formerly VP of WW Technical Operations for Nicira Networks, the company VMware bought to drive its SDN strategy.) Is there a profile emerging of what a typical ACI customer looks like in terms of the types of challenges they’re trying to address?To read this article in full or to leave a comment, please click here

Apple will let developers build native apps for its Watch with new update

Developers will be able to create applications that run natively on the Apple watch using a new version of the wearable device’s operating system announced Monday. CEO Tim Cook gave the announcement a brief mention during his introduction to Apple’s Worldwide Developers Conference (WWDC) keynote at San Francisco’s Moscone West conference center. His proclamation drew cheers from the audience of developers, who will be able to do more with the Apple Watch than they could at the time of the device’s launch in April. It’s an improvement to the current state of Apple’s Watch OS, which currently requires users have their iPhones on and within range in order to work with third party apps. That limitation has been criticized by both developers and reviewers alike, since it reduces the Watch’s utility.To read this article in full or to leave a comment, please click here

Cisco Live 2015 – Day 1

  It has been an interesting start to Cisco Live 2015 this year.  It is nice to see everyone refreshing friendships between people that we have not seen since San Francisco, if not longer.  It is great to see many of the old (guess that what happens as years pass) faces that I have seen over […]

The post Cisco Live 2015 – Day 1 appeared first on Fryguy's Blog.

How to watch the WWDC livestream on Windows and Android

With WWDC slated to begin in less than an hour now, Apple will be providing live streams of what promises to be an exciting event. That said, live streaming will only be officially supported on either iOS devices or Macs. Which is to say, Windows or Android users who want to keep tabs on what Apple is announcing today are out of luck.Or so you might have thought.As it turns out, there is a clever way for Windows and Android users to tune in to Apple's live presentation today.Here's how it works.Download the popular VLC media player app to your computer or your smartphone. The desktop link is here while the Android link is here.To read this article in full or to leave a comment, please click here

DEVNET-1001 – Coding 101

How to Call REST APIs from a REST Client and Python

Presenter: Matt (didn’t catch last name, sorry)


I was late to this session because of wonderful San Diego traffic :-/

A walk-through of using the REST API on APIC-EM.

http://learninglabs.cisco.com – sample code, docs

Postman – plugin for Chrome browser to craft, send, receive API commands over HTTP using a nice graphical interface. Helpful for building and testing queries and also viewing the raw output from the controller that you’re querying. Is there an equivalent for Firefox?

APIC-EM docs fully cover the API. Methods, variables, etc.

“Requests” library in Python – simplifies the CRUD operations in Python.

When you’re in the lab, verifying the SSL cert of your controller (in your code) might be optional. Don’t bring that into prod code. Get a proper cert and have your code validate the cert.

Other references:

  • http://developer.cisco.com
  • http://learnpythonthehardway.org/book
  • http://api.jquery.com
  • http://codeacademy.com/tracks/python
Copyright Joel Knight. All Rights Reserved.
www.packetmischief.ca

Life gets tougher for alternative mobile OSes Tizen, Firefox and Ubuntu

The future doesn’t look very bright right now for alternative mobile operating systems Firefox OS, Tizen and Ubuntu.It’s always been difficult to attract developers to these platforms, and now smartphones powered by the OSes are also falling behind affordable Android devices on hardware specs. So not only must their users put up with a smaller selection of apps, but also with less powerful devices.Struggling to compete with Apple in the high-end of the smartphone market, the Android camp has increasingly turned its attention to mid-range and low-end products. While this has been good for consumers looking for more affordable products, it has turned up the competitive heat on Firefox OS, Tizen and Ubuntu.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Researchers seek to harvest radio waves for extra smartphone battery power

All of the recent hoop-la about extending smartphone battery life with special metals, using graphite batteries to charge a device in seconds, and even power-reducing microprocessors, could well be moot.Researchers at Ohio State University think that the way to extend battery life is not by improving battery tech—something we've found hard to do in comparison with other tech innovations—but by using the existing energy that's already found in the device that goes to waste.The reason: the radio signals emitted by a smartphone are a form of power.So harvest the stray signals, convert it all to DC, and squirt it back into the phone in the form of electricity, the researchers say.To read this article in full or to leave a comment, please click here

1 3,463 3,464 3,465 3,466 3,467 3,856