Nov 15

2017

Unlocking the Full Potential of IoT

By Seth Jeacopello

I recently had the opportunity to participate in a panel discussion at the 2017 IoT Security Summit, which was in New York City at the end of October. The session boasted an impossibly long title, How data and devices are secured across Energy, Healthcare, Transportation”, but I was in great company with four other security leaders on the panel:

 

Moderated by Shriram Ramanathan, a Senior Analyst at Lux Research, we dug into the security challenges and risks of IoT applications and devices. In so many ways, IoT security is about the device, but it also incorporates a broad ecosystem of users, data and endpoints, which demand layered security approaches and solutions. However, all of this is underlined by foundational component of visibility. How can you secure something if you don’t know it’s there?

 

The summit brought together a wide variety of professionals at the forefront of IoT and security innovation, and overall, I was impressed by the quality of the presented content and ensuing discussions. Here’s a quick summary of some of the key takeaways:  

 

  • The cybersecurity challenges we’re facing aren’t new, however with somewhere near 6 billion (and growing) IoT devices deployed, the consequences have become dire. In examining recent large-scale breaches, one panel discussed IoT vulnerabilities that bad actors are and will continue to exploit. For example, IoT endpoints tend to significantly increase the network attack surface, and unmanaged devices, in particular, are being weaponized for botnets, malware and assaults.
  • IoT endpoint security is very device-centric today. In many cases, traditional approaches such as user-based authentication, software agents, anti-virus and even data encryption are either non-starters or are simply not relevant for these devices. It’s more important than ever to have a layered security approach that accounts for the devices themselves.
  • Related to the above, another big theme was how device discovery, visibility and control are fundamental to securing IoT. Especially as devices are being deployed outside of normal IT channels, it’s essential that security teams have the ability to identify and monitor all connected devices in real time. This is especially critical in industries such where devices are geographically dispersed and physically exposed.
  • There’s a clear need for industry standards and conformance testing across the entire IoT development chain. Manufacturers and enterprise customers will benefit as silicon and device development through to system deployments, are engineered within well-defined security practices and frameworks.
  • Training is also a critical part of any enterprise security strategy, and it spans beyond IT security personnel. Organizations need to prep their entire workforce on protocols for preventing cybercrime, as well as how to respond when a breach does occur. Fundamentally, security must be an essential component of all employee training.

 

The intersection of highly visible cyberattacks and the rapid expansion of IoT is creating a new sense of urgency for CISOs and Security teams alike. The sheer number and types of connected devices require new ways of thinking about network and device security, and the summit was a great opportunity to drive the conversation forward, collaborate on best practices and to discuss considerations for securing the Internet of Things.

 

Get the Gartner Market Trends IoT Security Report

Topics: IoT Security

Comments

Related Posts

Dec 05

2017

The Top 20 Cybersecurity Controls: How Many are in Your Security Toolkit?

When it comes to staying up-to-date on cybersecurity compliance requirements, technology trends and best practices, do you find yourself in information overload? It’s no small task to keep on top of...

Nov 22

2017

Cyber Theft: Another Holiday Tradition?

Brace yourselves. Black Friday and Cyber Monday are just around the corner, and they’re going to be huge. Consumer spending is forecasted to grow by a remarkable 47% over the same period last year....

Nov 09

2017

Discovery, Visibility and Control: The Prerequisites for IoT Security

The Internet of Things has ‘crossed the chasm’. Technology innovators have innovated; early adopters have adopted. Enterprise rollouts are moving from pilots to full deployments, especially within...

Subscribe to Blog Updates