Need to Jumpstart IoT Security? Consider Segmentation

The Internet of Things (IoT) holds great promise for business collaboration and innovation through connections unimaginable a decade ago.

In the healthcare industry, medical devices connecting patients, caregivers, and systems across facilities are being used to save lives and find cures. Manufacturers embarking on their digital transformation journey are connecting devices on the factory floor to increase uptime, productivity, and competitive advantage. And connected meters, switches, and circuit breakers are allowing utilities to deliver power with the reliability and reach necessary to keep the economy moving. In fact, the number of connected things is expected to reach more than 20 billion by 2020, according to Gartner.

But as the IoT grows, so too does security risk. Organizations often aren’t aware of all the IoT devices connected to their network, and every unmanaged device expands the attack surface. Adversaries take advantage of these weaknesses, using such devices to establish a foothold in an environment and then move laterally across the network quietly and with relative ease until they accomplish their mission. WannaCry held medical devices for ransom at hospitals and shut down factories. Attacks on power grids compromised field devices to infiltrate and disrupt critical infrastructure. Meanwhile, botnets like Mirai have infected hundreds of thousands of IoT devices, turning them into a collective weapon capable of launching coordinated attacks that incapacitate websites and take down parts of the Internet itself.

Segmenting Networks

IoT devices cannot protect themselves, either because they lack the system resources to run any meaningful security controls or because they were never designed with security in mind. Yet they need to be secured so that they can perform their functions unimpeded while making it harder for threat actors to use them for malicious activity.

Without visibility into the entire network, even expert security teams can miss anomalies and threat indicators. The next layer of defense comes from network and application segmentation, which can protect your most sensitive intellectual property and data. On a flat network, once attackers get in they can go anywhere, and attaching IoT devices only enlarges that reachable attack surface. Software-based, extensible segmentation that scales to IoT device counts, combined with a segmentation strategy driven by security controls (default-deny between zones, with only the flows each device class needs explicitly permitted), can prevent lateral movement and measurably improve security.

As you outline your segmentation strategy, here are three important aspects to keep in mind:

Identity and Trust – Establishing identity and the assignment of trust to users and devices

Visibility – To network, system, applications, and devices that drive security analytics and auditability

Availability – Establishment of resilience and availability mechanisms to meet business requirements

Let’s take a quick look at how these elements come together.

Electric utilities can have hundreds to thousands of power substations in geographically remote and difficult-to-reach locations. Therefore, any work that can be done remotely helps keep operational costs down by saving time and effort. Of course, that access must be secure. Additionally, when a technician is required to visit a substation, network access at the site must be restricted to approved devices. Similarly, manufacturers often must allow remote access to their network from multiple vendors that provide remote support for their equipment, but they frequently lack visibility into when the vendors are accessing their networks and what actions the vendors are taking during that time. A strategic segmentation approach ensures alignment with business goals while granting access only to permitted, profiled devices, whether to the network at the substation or to machinery on the factory floor.

In a hospital setting, equipment moves around; an array of devices is connecting to the network; patients and caregivers need network access; electronic medical records must be protected; and campuses and regional clinics need to be connected. You need to understand all the systems on the network that generate data, and the various individuals and devices that need to communicate with and access that data. From there you can assign permission-level access and apply policy enforcement, not just in the network but also within systems and applications.
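To make the three elements concrete, here is an added illustration of how identity and trust, visibility, and availability combine in a single enforcement decision. It is example code written for this page, not code from the article's author or from any vendor product. The device inventory, MAC addresses, segment address ranges, per-profile allow lists, the vendor maintenance window, and every sample flow are constructed assumptions; a real deployment would derive the inventory from device profiling or 802.1X and push the resulting rules to switch ACLs or firewall policy rather than evaluate flows in Python.

```python
"""Default-deny segmentation check for IoT/OT flows (constructed example).

Identity and trust: only inventoried, profiled devices get any access.
Visibility: every decision is appended to an audit trail.
Availability: vendor remote access works only inside an approved maintenance
window, so a missing or expired approval fails closed.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Device:
    name: str
    mac: str
    profile: str   # e.g. "plc", "infusion-pump", "vendor-laptop"
    segment: str   # the zone the device is pinned to


@dataclass(frozen=True)
class Flow:
    src_mac: str
    src_ip: str
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


# Hypothetical topology: one address range per segment.
SEGMENTS: Dict[str, IPv4Network] = {
    "ot-substation": ip_network("10.10.0.0/24"),
    "ot-factory": ip_network("10.20.0.0/24"),
    "med-devices": ip_network("10.30.0.0/24"),
    "ehr": ip_network("10.40.0.0/24"),
    "vendor-remote": ip_network("10.90.0.0/24"),
}

# Per-profile allow list of (destination segment, port, proto).
# Anything not listed is denied, so a compromised device cannot wander.
PROFILE_POLICY: Dict[str, Set[Tuple[str, int, str]]] = {
    "plc": {("ot-substation", 502, "tcp")},          # Modbus to the local master only
    "infusion-pump": {("med-devices", 443, "tcp")},  # its own management server only
    "vendor-laptop": {("ot-factory", 22, "tcp")},    # SSH to the machine it supports
}

# Hypothetical device inventory keyed by MAC address.
INVENTORY: Dict[str, Device] = {d.mac: d for d in (
    Device("plc-sub7", "00:11:22:33:44:01", "plc", "ot-substation"),
    Device("pump-icu3", "00:11:22:33:44:02", "infusion-pump", "med-devices"),
    Device("vendor-x1", "00:11:22:33:44:03", "vendor-laptop", "vendor-remote"),
)}

# Approved vendor maintenance windows (UTC), keyed by device name.
APPROVALS: Dict[str, Tuple[datetime, datetime]] = {
    "vendor-x1": (datetime(2024, 5, 1, 8, tzinfo=timezone.utc),
                  datetime(2024, 5, 1, 12, tzinfo=timezone.utc)),
}

AUDIT_LOG: List[dict] = []   # the visibility element: one record per decision


def segment_of(ip: str) -> Optional[str]:
    """Map an address to its segment name, or None if it is in no known zone."""
    addr = ip_address(ip)
    return next((name for name, net in SEGMENTS.items() if addr in net), None)


def evaluate(flow: Flow, now: datetime) -> Decision:
    """Decide one flow with default deny; every outcome is logged."""
    dev = INVENTORY.get(flow.src_mac)
    dst_seg = segment_of(flow.dst_ip)
    if dev is None:
        d = Decision(False, "unknown device: not in inventory")
    elif segment_of(flow.src_ip) != dev.segment:
        d = Decision(False, f"{dev.name} seen outside its segment {dev.segment}")
    elif (dst_seg, flow.dst_port, flow.proto) not in PROFILE_POLICY.get(dev.profile, set()):
        d = Decision(False, f"profile {dev.profile} may not reach {dst_seg}:{flow.dst_port}/{flow.proto}")
    elif dev.profile == "vendor-laptop":
        window = APPROVALS.get(dev.name)
        if window is None or not (window[0] <= now <= window[1]):
            d = Decision(False, f"no approved maintenance window for {dev.name} at {now.isoformat()}")
        else:
            d = Decision(True, f"{dev.name} inside approved window")
    else:
        d = Decision(True, f"{dev.name} ({dev.profile}) permitted to {dst_seg}:{flow.dst_port}")
    AUDIT_LOG.append({"time": now.isoformat(), "src": dev.name if dev else flow.src_mac,
                      "dst": f"{flow.dst_ip}:{flow.dst_port}", "allowed": d.allowed, "reason": d.reason})
    return d


def run_samples() -> Dict[str, Decision]:
    """Evaluate constructed flows covering the substation, factory and hospital cases."""
    t_in = datetime(2024, 5, 1, 9, tzinfo=timezone.utc)    # inside the vendor window
    t_out = datetime(2024, 5, 1, 13, tzinfo=timezone.utc)  # after it closed
    samples = {
        "plc-to-scada": (Flow("00:11:22:33:44:01", "10.10.0.5", "10.10.0.10", 502), t_in),
        "pump-lateral-to-ehr": (Flow("00:11:22:33:44:02", "10.30.0.7", "10.40.0.20", 443), t_in),
        "unknown-device-to-ehr": (Flow("00:de:ad:be:ef:00", "10.30.0.99", "10.40.0.20", 443), t_in),
        "vendor-in-window": (Flow("00:11:22:33:44:03", "10.90.0.4", "10.20.0.30", 22), t_in),
        "vendor-after-window": (Flow("00:11:22:33:44:03", "10.90.0.4", "10.20.0.30", 22), t_out),
        "plc-spoofed-from-factory": (Flow("00:11:22:33:44:01", "10.20.0.5", "10.10.0.10", 502), t_in),
    }
    return {label: evaluate(flow, when) for label, (flow, when) in samples.items()}


if __name__ == "__main__":
    for label, d in run_samples().items():
        print(f"{label:26s} {'ALLOW' if d.allowed else 'DENY '} {d.reason}")
```

The behaviour worth noticing is that the unknown device and the infusion pump's attempt to reach the EHR segment are refused without any rule naming them: the default is deny, and only the profile's listed destinations open anything. The vendor laptop reaches the factory machine only during its approved window, and a PLC MAC showing up in the wrong segment is refused even though its profile would otherwise permit the destination. Every one of those outcomes, allowed or not, lands in the audit trail, which is what gives the security team the visibility into vendor activity the text says manufacturers typically lack.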

Segmentation is an important element of any security strategy for mitigating risk from IoT-based attacks, but it has to be done right. An approach that considers both specific business goals and the technology landscape, and that is built on and can evolve with identity and trust, visibility, and availability, allows you to reduce risk while helping your organization realize the promise of the IoT.
