Security Experts:

Connect with us

Hi, what are you looking for?



Need to Jumpstart IoT Security? Consider Segmentation

The Internet of Things (IoT) holds great promise for business collaboration and innovation through connections unimaginable a decade ago.

The Internet of Things (IoT) holds great promise for business collaboration and innovation through connections unimaginable a decade ago.

In the healthcare industry, medical devices connecting patients, care givers, and systems across facilities are being used to save lives and find cures. Manufacturers embarking on their digital transformation journey are connecting devices on the factory floor to increase uptime, productivity, and competitive advantage. And connected meters, switches, and circuit breakers are allowing utilities to deliver power with the reliability and reach necessary to keep the economy moving. In fact, the number of connected things is expected to reach more than 20 billion by 2020 according to Gartner.

But as the IoT grows so too does security risk. Organizations often aren’t aware of all the IoT devices connected to their network and expanding the attack surface. Adversaries are taking advantage of these weaknesses and are using these devices to establish a presence in an environment and move laterally across networks quietly and with relative ease until they accomplish their mission. WannaCry held medical devices for ransom at hospitals and shut down factories. Attacks on power grids compromised devices to infiltrate and disrupt critical infrastructure. Meanwhile, botnets like Mirai have infected hundreds of thousands of IoT devices, turning them into a collective weapon capable of launching coordinated attacks to incapacitate websites and take down parts of the Internet itself.

Segmenting NetworksIoT devices cannot protect themselves, either lacking the system resources to run any significant security capabilities or never designed with security in mind. Yet they need to be secured so that they can perform their functions unimpeded while making it harder for threat actors to use them for malicious activity.

Without visibility into the entire network, even expert security teams can miss anomalies and threat detectors. The next layer of defense comes from network and application segmentation that can secure your most private intellectual property and data. With flat networks, once attackers get in, they can go anywhere, and attaching IoT devices only increases the attack surface. Software-based, extensible segmentation at an IoT scale, along with a segmentation strategy driven by security controls, can prevent lateral movement and effectively improve security.

As you outline your segmentation strategy, here are three important aspects to keep in mind:

Identity and Trust – Establishing identity and the assignment of trust to users and devices

Visibility – To network, system, applications, and devices that drive security analytics and auditability

Availability – Establishment of resilience and availability mechanisms to meet business requirements

Let’s take a quick look at how these elements come together.

Electric utilities can have hundreds to thousands of power substations in geographically remote and difficult-to-reach locations. Therefore, any work that may be done remotely will help keep operational costs down by saving time and effort. Of course, that access must be secure. Additionally, if a technician is required to visit a substation, network access must be restricted to approved devices. Similarly, manufacturers often must allow remote access to their network from multiple vendors that provide remote support to their equipment. But they often lack visibility as to when the vendors are accessing their networks and what actions the vendors are taking during that time. A strategic segmentation approach ensures alignment to business goals while allowing only permitted, profiled devices access be it to the network at the substation, or to machinery on the factory floor.

In a hospital setting, equipment moves around; an array of devices are connecting to the network; patients and care givers need network access; electronic medical records must be protected; and campuses and regional clinics need to be connected. You need to understand all the systems on the network that generate data and the various individuals and devices that need to communicate and have access to that data. From there you can assign permission-level access and apply policy enforcement, not just in the network but also within systems and applications.

Segmentation is an important element of any security strategy to mitigate risk from IoT-based attacks, but it has to be done right. An approach that considers both specific business goals and the technology landscape and is developed and can evolve based on identity and trust, visibility, and availability allows you to reduce risk while helping your organization realize the promise of the IoT.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...