Security: The vital element of the Internet of Things
We’re now experiencing a new wave of technology that’s being defined by connected devices everywhere. It’s all a part of the Internet of Things (IoT). These connected devices are impacting our lives on a daily basis, changing everything from the way we provide healthcare to how we cool our homes and run our manufacturing facilities and other critical infrastructure. Today there are 10 billion connected devices, but that number is expected to grow exponentially, exceeding 50 billion sensors, objects, and other connected “things” by the year 2020.
Each of these devices could either be an asset you want to protect and enable, or a threat vector. The ultimate goal of IoT is to increase operational efficiency, power new business models, and improve quality of life. By connecting everyday objects and networking them together, we benefit from their ability to combine simple data to produce usable intelligence. Capitalizing on the vast opportunities that the IoT brings requires not just networked connections but secure networked connections. Cybersecurity is not just a top consideration with the IoT, but one that is foundational to delivering on the promise of the vision. Protecting all of the interactions of the IoT is crucial in enabling people and organizations to benefit from these advances.
In today’s world of IoT, cybersecurity needs to be top of mind: the number and type of attack vectors will continue to increase, as will the amount of data, creating a daunting challenge for companies and those responsible for defending the infrastructure. No longer is it a matter of if attacks will happen, but when. Incentives for attackers are extremely large, and all organizations need to understand how these attackers pursue valuable data.
IoT Cybersecurity Challenges
The IoT is exponentially increasing the number and type of attack vectors, creating many new and unforeseen challenges for organizations and those responsible for defending the infrastructure. Some of these challenges include:
• Increased attack surface. With billions of new devices now connected to the IoT and more devices connecting all the time, the ability to gain visibility into these attack vectors, let alone close them to malicious actors, is increasingly difficult.
• Threat diversity. Due to the variety of objects adversaries can target, many of which are in insecure locations, attackers are able to devise new methods we have yet to face and blend sophisticated techniques to accomplish their missions.
• Threat sophistication. Threats have already become stealthier, evading initial point-in-time detections and using nearly imperceptible indicators of compromise to reach their target. Cybersecurity systems that rely exclusively on point-in-time defenses and techniques can’t keep up with unfolding attacks.
• Differentiated Enforcement and Remediation. IT and OT networks are managed with different priorities in mind. Cybersecurity policies that are intended for one environment often do not translate well to the other. This presents serious tradeoffs between protection and continuity of operations.
• Complexity & Fragmentation. Networks and their components constantly evolve and spawn new attack vectors - mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers, and home computers - making cybersecurity a complex problem to address. The inherent diversity of IoT networks further expands this to new device types.
• Shortage of skilled resources. Adding to these challenges is the lack of in-house technology skills necessary to maintain a strong security posture and keep up with rapidly developing and evolving threats. For 2016, the worldwide shortage of security professionals is estimated at more than a million, increasing to 1.5 million by 2019, which indicates how much demand there is for security talent. Since the demand is greater than the supply, many organizations struggle to attract and retain security professionals and, consequently, this further constrains security teams.
What’s Needed
What’s needed is a new, threat-centric and operational approach that is as pervasive as the IoT and the threats themselves. This new approach must span a range of attack vectors and address the full attack continuum - before, during, and after an attack. With this model we can protect computer systems, networks, and data. I believe that the right approach for IoT cybersecurity should deliver on three key imperatives: visibility-driven, threat-focused, and platform-based. Here are my reasons why:
Visibility-Driven: We must be able to accurately see what is happening in the environment in real time to gain knowledge about the environment and threats. Visibility needs to come from the network fabric, endpoints, mobile devices, applications, virtual environments and the cloud. A real-time, accurate picture of devices, data and the relationships between them is crucial to making sense of billions of devices, applications, and their associated information.
Threat-Focused: We need to presume compromise and hone our ability to identify threats based on understanding normal and abnormal behavior, identify indicators of compromise, make decisions and respond rapidly. Policies and controls are important to reduce the surface area of attack, but threats still get through. We need to focus on detecting, understanding and stopping threats. With advanced malware and zero-day attacks this is an ongoing process that requires continuous analysis and real-time cybersecurity intelligence, delivered from the cloud, that is shared across all technologies for improved efficacy.
Platform-Based: In this new IoT environment, security is now more than a network issue; it requires an integrated system of agile and open platforms that cover the network, devices and the cloud. These platforms need to be extensible, built for scale and centralized management for unified policy and consistent controls. We need to move from deploying simple point cybersecurity appliances to integrating a true platform of scalable, easy-to-deploy services and applications.
The promise of the IoT can only be fully realized when fears about the very real security implications are assuaged. Organizations across an array of industries are embracing IoT, each with unique needs and requirements. While there is no “one size fits all” approach to cybersecurity, with a comprehensive approach to security, organizations are free to capitalize on the IoT to improve business, government, and safety in extraordinary ways.
By Scott Manson, Cyber Security Leader for Middle East and Turkey, Cisco.