IDS And The IoT: Snort Creator Marty Roesch On Securing The Internet of Things

Posted by: Paul   April 13, 2014 15:58Comments Off

Martin Roesch is one of the giants of the security industry: a hacker in the truest sense of the term who, in the late 1990s created a wide range of security tools as a way to teach himself about information security. One of them, the open source SNORT intrusion detection system, turned into one of the mostly widely used and respected security tools in the world. SNORT became the foundation for Sourcefire, the company Marty helped found in 2001. And Sourcefire went on to fantastic success: first as a startup, then as a publicly traded company and, as of October of last year, as part of Cisco Systems, after the networking giant bought Roesch’s company for $2.7 billion.

Marty Roesch, Cisco Systems

Roesch said that the Internet of Things will mean big changes – but not radical changes – in the way companies do security.

These days, Marty serves as a Vice President and Chief Architect of Cisco’s Security Business Group, where he’s helping shape that company’s strategy for securing the next generation of enterprise (and post-enterprise) networks. I had the chance to catch up with Marty a couple weeks back. We talked about the origins of Sourcefire and Snort and, also, about how the security context and conversation is changing to suit our modern context of borderless networks and ubiquitous, intelligent devices.

The Internet of Things presents a boggling array of security and privacy challenges for modern organizations. Just scanning a network to identify threats or suspicious behavior won’t be possible once the world has shifted over to IPv6, he notes. But adjusting to the IoT requires pragmatic and incremental changes to IT security practice, not revolutionary ones. Sure, anything with an IP address (HUE lightbulbs, anyone?) might feasibly be used as a platform for attack or to hide stolen data. Realistically, though companies will need to address less exotic threats, like employee use of third party sharing sites like DropBox, Evernote and Box. 

Check out our conversation by clicking on one of the links below!

Listen on Security Ledger
Listen on Soundcloud.com
Tags:

Comments are closed

%d bloggers like this: