Embracing API Integration for Enhanced Cybersecurity in IRIS PUC1

In today’s digital age, the adoption of Internet of Things (IoT) and Artificial Intelligence (AI) driven Information and Communication Technology (ICT) systems is crucial for Europe’s future. However, this rapid technological growth also presents an escalating challenge: safeguarding these systems from cyber threats and privacy breaches. The IRIS Projectis taking this challenge head-on.

The IRIS project, harnessing a collaborative-first approach, is centered around Computer Emergency Response Teams/Computer Security Incident Response Teams (CERTs/CSIRTs). It offers the first dedicated online training and cyber exercises to prepare CERTs/CSIRTs to collaboratively shield critical infrastructures and systems against cross-border AI and IoT threats.

Cisco is integrating cybersecurity into its Smart City process, helping cities manage and deliver connected urban services and expand equitable access. However, the rapid proliferation of IoT devices in our cities poses a long-term challenge: managing the cybersecurity risks associated with these devices.

Cisco provides the network infrastructure for the IRIS PUC1, including the Cisco Firewall Threat Defense (FTD) engine – a potent tool in the battle against cyber threats. Cisco FTD is a next-generation firewall and IPS solution, designed to secure networks and applications. Primarily utilized as a firewall, FTD blocks unwanted traffic, safeguarding the network infrastructure. But FTD’s capabilities extend beyond traditional firewalls. With its Application Programming Interface (API) features, Cisco FTD can be configured remotely and dynamically. This versatility is a game-changer, enabling real-time response to evolving threats.

As part of PUC1 Cisco FTD is working in conjunction with the Risk Based Response and Recovery (RRR) module. This software offers optimized responses to cyber threats, making decisions and taking actions based on the nature of the threat. When RRR identifies an incident, it decides whether the compromised or malicious network should be blocked. Since RRR isn’t a network firewall itself, it communicates with Cisco FTD via a REST API call, passing on the list of networks to be blocked.

REST API, short for Representational State Transfer API, is a set of protocols that allows software to interact with other software or systems. The beauty of REST API lies in its simplicity and statelessness. It uses standard HTTP methods like GET, POST, and DELETE, making it easy to understand and use. Additionally, REST API can handle multiple types of calls, return different data formats, and is stateless, meaning that it doesn’t need to know beforehand what state the server is in. This makes REST APIs incredibly powerful and flexible, perfect for interconnecting technologies from different vendors.

The seamless interaction between RRR and Cisco FTD via REST API cuts down the need for repetitive manual tasks, streamlining the process and improving efficiency. Moreover, RRR ensures that previously blocked networks are removed from the blacklist before passing new ones to Cisco FTD, thereby maintaining the system’s robustness and efficiency.

In conclusion, the PUC1 underscores the pivotal role of API integration in managing cybersecurity threats, with Cisco’s FTD standing as a beacon of this innovative solution. By leveraging cutting-edge technology and fostering collaboration, the IRIS project is paving the way for a secure future in the era of IoT and AI.