When It Comes to IoT Security, Consistency Is Key

Each day, businesses are connecting thousands of devices to the internet. From conference room smart TVs to thermostats, most of these devices were purpose-built to perform a single function without security in mind. While this influx of technology is instrumental to the evolution of our digital age, it also presents a new layer of risk to organizations. With Gartner projecting the number of connected devices to reach 20 billion by 2020, even a small percentage of infected devices could present a major security threat to broader systems and networks.   

While IoT standards are emerging, they are as fragmented as the IoT marketplace itself. Such a wide variance in the types of devices, use cases and applications being developed has made IoT security challenging for organizations to address. The majority of IoT devices are low-power and low-cost endpoints that have limited processing power and capabilities, making it infeasible to enact security capabilities on the devices themselves. And without consistent visibility into where information from these devices is flowing, where it resides and how to control it, the attack surface broadens, giving cyber attackers more opportunities to obtain and use sensitive information. This makes security within the environments where the controllers and IoT applications reside critical.

As the IoT Cybersecurity Alliance recently highlighted in its examination of the current, complex state of IoT cybersecurity, the stakes are high – IoT initiatives will likely spread well beyond the IT function and affect many aspects of business, from the supply chain to the point of sale. So, given all of the challenges with IoT security, how can organizations protect themselves from the influx of insecure IoT devices traversing their networks? The key to enabling a successful security posture for IoT is consistency. Just as there should be consistency across network, endpoint and cloud security, there should be the same consistency in identification, prevention, policy and enforcement of that policy for IoT security. To achieve this, it is important to have:   

• Complete visibility across multiple locations and network domains in the IoT value chain - You cannot protect against threats you cannot see. Just as full visibility into applications, content and users is the first step towards informed policy control on your network, the same concept applies to IoT. Additionally, new regulations and requirements are driving the need for businesses to have better visibility, meaning security across the board needs to be better at stopping attacks before they happen.

• Natively Integrated Security Functions - Having a complex security environment with functions that cannot speak to one another has a negative impact on your operational efficiency, increasing costs and placing extra burden on your network defender teams. Ideally, you want natively integrated functions that work together, sharing consistent information to reduce your IoT threat footprint.  

• High levels of automation across these functions and locations, in order to rapidly identify advanced attacks and ensure that new security enforcement mechanisms can be deployed in near-real time - It is important that your security is highly automated, not only to prevent known IoT attacks but also to provide you with the necessary analysis of permitted traffic flows to make unknown attacks known.

Staying consistent in your approach to security ensures that you are doing your part to detect and stop advanced cyberthreats, and to protect networks and controller environments from device-initiated attacks.

Scott Simkin is a Senior Manager in the Cybersecurity group at Palo Alto Networks. He has broad experience across threat research, cloud-based security solutions, and advanced anti-malware products. He is a seasoned speaker on an extensive range of topics, including Advanced Persistent Threats (APTs), presenting at the RSA conference, among others. Prior to joining Palo Alto Networks, Scott spent 5 years at Cisco where he led the creation of the 2013 Annual Security Report amongst other activities in network security and enterprise mobility. Scott is a graduate of the Leavey School of Business at Santa Clara University.