National Cybersecurity Awareness Month 2019: Internet of Things Security

Securing the Internet of Things

It’s week three of National Cybersecurity Awareness Month 2019. Just a reminder that our weekly blog series for this month is focused on Secure IT, which is part of this effort’s overarching message, Own IT. Secure IT. Protect IT. In our third blog, we’re exploring “IT” from an Internet of Things (IoT) perspective.

An IoT device can be the ideal target for cybercriminals. It’s an easy target since its firmware often has vulnerabilities that are simple to exploit and its default security, if any, is very low. And it’s an attractive target since an attacker can use it as a backdoor to get to more valuable systems (more on this in a minute).

The lure of IoT potential for optimizing operations and creating new revenue-generating business models is so tempting that many organizations are moving forward with initiatives even though they have significant security concerns. IDC predicts that there will be 41.6 billion IoT devices by 2025. In a separate study, IDC expects worldwide technology spending on IoT to reach $1.2 trillion in 2022, representing a CAGR of 13.6% over the 2017-2022 forecast period.

Why Endpoint Security Isn’t Enough for IoT

While you can protect your standard devices such as desktops, laptops, smartphones and tablets reasonably well with endpoint security, it just doesn’t work as well for your non-standard IoT devices. This is true for a variety of reasons as shown in the following diagram:

The Need for Network Detection and Response

To stay secure, network traffic will also need to be a huge focus for IoT security. This is true not only because of the limitations of endpoint security for protecting IoT devices, but also because attackers can use these devices connected to the network and move laterally to access data and workloads. Just inspecting traffic crossing your perimeter with secure gateways or firewalls will likely miss compromised devices that are communicating internally with other systems on your network.

Network Detection and Response (NDR) will give you much greater ability to mitigate the increased security risks of connecting devices to the Internet. It delivers the highest fidelity insights possible into threats entering or operating within your network, including threats originating from compromised IoT devices.

Here are a few pointers on how to select the right solution:

  • Your NDR solution should provide visibility into all IoT network traffic. This will require a combination of Intrusion Detection and Prevention Systems (IDPS), Network Traffic Analysis (NTA) and Artifact Analysis.
    • NTA detects anomalous activity and malicious behavior as they move laterally across the network and cloud workloads
    • IDPS detects and prevents threats from entering your network and cloud workloads
    • Artifact analysis detects malicious content attempting to enter through the network, email, cloud and web
  • Make sure NTA supports IoT traffic, protocols, devices, etc. According to ESG analyst Jon Oltsik, “This is relatively new, but I believe IoT support will be required for all NTA tools in the enterprise within the next 12 to 18 months.”
  • “All-you-can-eat” sensors will help you affordably protect the ever-expanding attack chain surface and tremendous volumes of data that IoT will introduce. IDC predicts that IoT devices will generate 79.4 zettabytes of data in 2025. Strong security will be needed throughout the IoT ecosystem to analyze all this data, and it will cost an arm and a leg if you are paying for each sensor you deploy.

Secure IT

Don’t let IoT jeopardize your organization’s security. See how you can deploy a Lastline Sensor in as little as 30 minutes and begin to secure your IoT initiatives.

Teresa Wingfield

As a cyber security evangelist at Lastline, Teresa Wingfield enjoys sharing new perspectives on top security challenges such as SOC efficiency, sophisticated threats, network visibility, and hybrid data center protection. Teresa has more than ten years of security experience at leading companies such as McAfee (cloud and data center security), VMware (mobile security) and Symantec (virtual machine protection and website security). She has also worked at several startups in the endpoint detection and response and compliance fields. Teresa holds an M.S. in Information Technologies from the Massachusetts Institute of Technology.