When IoT technologies appeared on the horizon, industries such as healthcare, smart cities, building management, public utilities, transportation, and manufacturing picked them up early. Now, IoT is already being used by many companies.
 
 
 
 
Up to 30% of devices on enterprise networks are now IoT devices, as per a report from Palo Alto. In fact, the world has seen the convergence of IT and Operational Technology (OT) systems, and IoT devices have played a great role in this convergence. IoT has remarkably improved the automation of processes, supply-chain management and adherence to some compliance requirements, and it is driving up workforce productivity.
 
But IoT has raised many serious cybersecurity challenges too...
 
-
 
👉 What Are Top-3 IoT Security Issues?
 
A large number of IoT devices are still unmonitored and unsecured, yet they are connected to company networks. IT teams that are usually good at securing other network devices find it very hard to secure IoT devices.
 
There are two primary reasons...
 
Standard cybersecurity arrangements are usually not capable of recognizing all types of IoT devices. They cannot build a unique 'Risk Profile' for each type of device and do not know the expected behaviour associated with such devices.
 
The even bigger reason is that IoT devices are still not seen as a part of IT (as we know it); instead, these devices are used by any business center as per its whims and fancies. The outcome is that these devices BY-PASS your standard Information Security controls and processes...
 
The problem is aggravated further because different IoT devices use different hardware, chipsets, operating systems and firmware, and have a longer operational lifespan than their cyber lifespan.
 
Since it is hard to identify such devices and build tracking mechanisms for them, IoT devices are often considered 'unmanaged endpoints' in the enterprise network. This leaves them vulnerable to 3 types of cyberattacks: Exploits, Password-related attacks/phishing, and Malware...
 
In the graphic shown above, Palo Alto has beautifully depicted all sorts of threats to IoT devices.
 
-
 
👉 What is IoT Security?
 
Since you have already understood the security issues raised by IoT devices, it is now time to turn to 'IoT Security.'
 
IoT Security can be defined as a combination of security strategy and protection mechanisms that are specifically designed to safeguard your IoT devices from cyber-attacks, with the clear intention of protecting your other OT and IT systems & networks.
 
What makes securing IoT more concerning is that so many different types of such devices are added to corporate networks. You may not realize that each different kind of device added to your network dramatically BROADENS the attack surface your organisation is facing. You may not realize that each type of device can potentially become the WEAKEST link in your company's security posture, unless that device is already secured adequately.
 
You may be surprised to know that 98% of all IoT device traffic is unencrypted. How could that not put your personal and confidential data at severe risk...??
 
There is so much variation in the hardware and OS of these devices that a security method that works with one type of device won't work with another similar device. That's why a single malware prevention agent that is compatible with most IoT platforms does NOT exist.
 
The bad habit of using weak passwords continues with IoT devices. A large number of IoT devices are habitually left unpatched and usually run on outdated operating systems.
 
Peer-to-peer C&C communication and self-propagating IoT malware WORMS are two new attack tactics emerging on the IoT security horizon.
 
-
 
👉👉 HOW CAN YOU SECURE IOT DEVICES IN YOUR ENTERPRISE?
 
In my previous posts on IoT, I have already established that each IoT device can be a potential entry-point for a threat-actor. If robust security is not built around them, there is a very high probability of these devices being compromised and controlled by threat-actors. One single entry can let attackers pivot to your more critical digital assets in the corporate network.
 
Once infected with malware, these IoT devices can also be used as 'botnets' to launch DDoS attacks on any outside network over the internet.
 
Here are a few things you or your organisation can do:
 
1. Mutual Responsibility Of IT/OT teams.
 
The onus of managing these devices' security is a mutual responsibility of your IT/Network Security team as well as of your Operational Technology (OT) teams. Both of them should work together to ensure that all these 'unmanaged' devices fall within the same level of VISIBILITY and CONTROL, as those IT-devices that are managed.
 
2. Visibility is the key.
 
You must know which IoT devices are operating in your organisation. What types? How many? Where? What brand? What hardware/OS? Many more details are needed.
 
The whole point is that you have to discover which types of devices are connected to your network, and you need to keep a detailed, up-to-date inventory of all connected IoT assets, ideally with a dedicated IoT security solution to ensure that all devices are identified. Collect the manufacturer and model ID; the serial number; hardware, software and firmware versions; and information on the underlying operating system and the configuration applied to each device.
 
I would recommend that you go one step further and determine the RISK PROFILE of each device and its BEHAVIOR in relation to other connected devices in your network. You may want to ask me a question - Why?
 
The answer is simple: these risk profiles will help you greatly in network-segmentation decisions and in the creation of appropriate POLICIES in your NGFW.
 
You should always keep your asset-map CURRENT (latest) with each new IoT device connected to the network.
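One way to turn such an inventory into risk profiles and segment placements, as an added example that is not part of the original post. The device records, weights, thresholds and VLAN names are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Device:
    serial: str             # constructed serial numbers below
    model: str
    firmware: str           # version installed on the device
    latest_firmware: str    # newest version published by the vendor
    vendor_supported: bool  # False once the manufacturer ends support
    default_password: bool  # True if the preset password is still set
    encrypted: bool         # True if the device's traffic is encrypted

def version_tuple(v):
    """'1.10.1' -> (1, 10, 1); plain string comparison would rank 1.2.0 above it."""
    return tuple(int(part) for part in v.split("."))

def risk_profile(d):
    """Return (score, findings). Weights are assumed values for illustration."""
    findings = []
    if d.default_password:
        findings.append(("default-password", 40))
    if not d.vendor_supported:
        findings.append(("end-of-support", 30))
    elif version_tuple(d.firmware) < version_tuple(d.latest_firmware):
        findings.append(("firmware-outdated", 20))
    if not d.encrypted:
        findings.append(("unencrypted-traffic", 10))
    return sum(w for _, w in findings), [name for name, _ in findings]

def segment_for(score):
    """Map a score to a hypothetical VLAN name; thresholds are assumptions."""
    if score >= 50:
        return "vlan-iot-quarantine"
    return "vlan-iot-restricted" if score >= 20 else "vlan-iot-standard"

# Constructed sample inventory.
INVENTORY = [
    Device("CAM-0001", "ip-camera", "1.2.0", "1.10.1", True, False, True),
    Device("PMP-0002", "infusion-pump", "3.0", "3.0", False, True, False),
    Device("HVC-0003", "hvac-controller", "2.1.4", "2.1.4", True, False, True),
]

def segmentation_plan(inventory):
    """serial -> (segment, findings), ready to drive VLAN and firewall policy."""
    plan = {}
    for d in inventory:
        score, findings = risk_profile(d)
        plan[d.serial] = (segment_for(score), findings)
    return plan
```

Firmware strings are assumed to be dotted integers; vendor-specific version formats need their own parser before they can be compared.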
 
3. Network Segmentation is a must.
 
Just note one thing here: as a security professional, you always want to keep the explosion-radius as small as possible. You achieve that only via network segmentation.
 
Network segmentation divides a network into a number of subsections to give you granular control over the lateral movement of traffic between devices and workloads. At the same time, the more a network is segmented, the harder it is for hackers to move laterally.
 
Thus, you should use VLAN configurations and appropriate firewall policies to implement network segments that keep IoT devices SEPARATE from the other IT assets of your company.
 
You should choose a good IoT Security platform that integrates well with your NGFW...
 
4. Adopt Secure Password Practices
 
Many IoT devices come with weak preset passwords that are easy to find online. So, as soon as an IoT device is first connected to your network, it is best to replace its preset password with a secure, more complex one, according to your security team’s password policies. Maintaining strong password security is critical to securing your IoT endpoints.
 
5. Make FIRMWARE patching and update a TOP-priority.
 
Most IoT devices may not have a built-in self-update or auto-update feature, unlike your other IT devices or software. That's why security flaws in them stay there indefinitely.
 
When you are setting up a new IoT device, you should visit the vendor’s website and download any new security patches for known vulnerabilities. Ensuring that your devices are regularly patched with the latest updates is important, so work with your IoT device vendors to establish a recurrent patch management and firmware upgrade strategy.
 
In the case of IoT devices with particularly long shelf lives, there is often also a risk that the manufacturer will discontinue support. If you face any such situation, advise the company's management to replace those devices with newer IoT devices as soon as possible. Remember, a $20 device may cost your company a $20,000,000 breach...
 
6. Monitor, MONITOR, mONitOr
 
You should actively Monitor IoT Devices at All Times. No excuse!
 
You should implement a real-time monitoring solution that can continuously analyze the behavior of all your network-connected IoT endpoints.
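A sketch of the behaviour check such monitoring performs, as an added example that is not part of the original post. The addresses, baseline, port list and fan-out threshold are assumptions, and the flow records are constructed.

```python
import ipaddress
from collections import defaultdict

# Assumed addressing: one IoT segment and one corporate IT segment.
IOT_NET = ipaddress.ip_network("10.20.0.0/24")
IT_NET = ipaddress.ip_network("10.10.0.0/24")

# Expected behaviour per inventoried device: the (destination, port) pairs it needs.
BASELINE = {
    "10.20.0.11": {("10.20.0.2", 8883)},  # sensor -> broker, MQTT over TLS
    "10.20.0.12": {("10.20.0.3", 443)},   # camera -> recorder, HTTPS
    "10.20.0.13": {("10.20.0.2", 8883)},  # second sensor
}
CLEARTEXT_PORTS = {21, 23, 80, 1883}      # FTP, Telnet, HTTP, MQTT without TLS
FAN_OUT_LIMIT = 3                         # assumed threshold for worm-like spread

# Constructed flow records: (source, destination, destination port).
FLOWS = [
    ("10.20.0.11", "10.20.0.2", 8883),    # matches the baseline
    ("10.20.0.12", "10.10.0.50", 445),    # camera reaching into the IT segment
    ("10.20.0.13", "10.20.0.11", 23),     # one sensor contacting its peers
    ("10.20.0.13", "10.20.0.12", 23),
    ("10.20.0.13", "10.20.0.14", 23),
    ("10.20.0.99", "10.20.0.2", 8883),    # source missing from the inventory
]

def classify(src, dst, port):
    """Return alert labels for one flow; an empty list means expected behaviour."""
    if src not in BASELINE:
        return ["unknown-device"]
    if (dst, port) in BASELINE[src]:
        return []
    alerts = ["outside-baseline"]
    dst_ip = ipaddress.ip_address(dst)
    if dst_ip in IT_NET:
        alerts.append("iot-to-it")        # lateral movement across segments
    if dst_ip in IOT_NET:
        alerts.append("iot-to-iot")       # unexpected peer-to-peer traffic
    if port in CLEARTEXT_PORTS:
        alerts.append("cleartext")
    return alerts

def fan_out_sources(flows):
    """Sources that contact FAN_OUT_LIMIT or more unexpected hosts on one port."""
    peers = defaultdict(set)
    for src, dst, port in flows:
        if (dst, port) not in BASELINE.get(src, set()):
            peers[(src, port)].add(dst)
    return sorted({s for (s, _), d in peers.items() if len(d) >= FAN_OUT_LIMIT})
```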
 
-
 
Kindly write 💚 your comment 💚 on the posts or topics, because when you do that you help me greatly in ✍️ designing new quality articles/posts on cybersecurity.
 
You can also share with all of us if the information shared here helps you in some manner.
 
 

This article was written and published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.

Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...

She is so obsessed with the Cybersecurity domain that she goes out of her way to share hugely valuable posts and writings about Cybersecurity on the website and on social media platforms.

30,000+ professionals are following her on Facebook and are mesmerized by the quality of the content of her posts there.

If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:

Click Here to follow her: Cybersecurity PRISM