Unleashing IoT Capabilities in a Secure Environment
The pandemic sped up digitalization, increasing opportunities and risks. With more devices entering the digital space, interacting with one another, or creating dependencies, IoT device connections are more complex and vulnerable.
Predictions show that by 2025, over 85% of enterprises will have more smart edge devices on their network than laptops, tablets, desktops or smartphones. Similarly, by 2026, over 90% of enterprises will have experienced a security incident related to the edge network.
IoT devices have more than one way to connect to a network, offering multiple entry points that cyber attackers exploit. Bad actors are getting smarter and their methods and techniques are evolving, with some already using AI and automation to look for weaknesses and launch bigger, more effective attacks.
Cyber security growing pains in IoT
As IoT expands and operational technology (OT) moves from "air-tight" to "networked edge" devices, it will be very hard to extend security to these new devices. In fact, many businesses will find it virtually impossible because of the multiple layers of possible attacks.
The main attack areas of IoT are:
Devices. Devices can be used as the main way to start an attack. Memory, firmware, physical interface, web interface, and network services of a device can all be weak spots.
Software programs and apps. Vulnerabilities in web applications and the software for IoT devices can lead to systems being broken into. Web apps can be used to steal user credentials or push malicious firmware updates, for example.
Gateways, routers, and other communication channels. Attacks can come from channels that allow IoT components to talk to each other. Protocols used in IoT systems can have security problems that can affect the whole system. Network attacks like denial of service (DoS) and spoofing can also be used against IoT systems.
What are the biggest pain points of IoT for cybersecurity?
Issues with passwords and authentication. Device manufacturers hardcode default passwords to streamline end-user setup. Unfortunately, the end-user usually forgets to change the password as they don’t realize the dangers of default passwords.
Insecure hardware. Something as simple as plugging in a USB drive on an IoT device can infect systems with malware.
Privacy and data leaks. IoT devices communicate with one another as well as with end-users, which, ironically, is one of the biggest issues as it surrenders control. While device security is important, data transmission security is also crucial.
Unpatched vulnerabilities. Frequently, we see users avoid system patches. Patches deliver security enhancements that protect networks against newly discovered vulnerabilities, but when they are not applied, cyber attackers have a field day.
Remote employees and hybrid work. With COVID-19, many organizations work online only. Company-owned devices are in employees' homes where security is not ideal and less robust than an organization’s office network. Hybrid working models make things easier for cyber attackers as they can exploit smart devices, wearables, tablets, speakers, and more.
Data interception. Hackers will intercept communication channels between systems to exfiltrate data. Many IoT devices do not encrypt their communications, and attackers can easily steal data like login credentials without needing to decrypt them.
Outdated devices. Desupported, deprecated, or outdated devices allow cyber attackers to compromise entire networks. From unreliable system customizations to the use of third-party software or hardware, attackers exploit the vulnerabilities of devices.
Strengthening IoT security infrastructure
Organizations realize the need for a strategic approach from top to bottom when it comes to cybersecurity, especially since cyber risks can be present in virtually every layer of IoT or Edge infrastructures. Here are some of the most significant recommendations to secure IoT environments.
- Advanced network visibility: Ensure 100% visibility of all IoT devices that connect to the Edge network. Set up a policy for governance that puts all unknown devices in a quarantine area.
- Smart firewalling: Use firewalling embedded with threat detection.
- Real-time network monitoring: Secure and defend your IoT and Edge infrastructures in depth by extending real-time network monitoring to look for traffic patterns that indicate a threat.
- Threat intelligence software: Immediate detection of early signs of all attacks, both unknown and well-known, in the pre-execution phase.
- Patching: Improve security by extending patching processes to IoT and Edge systems where possible.
- Turn off unused connections: Reduce the number of possible attacks by making it part of a security policy that unused network connections must be turned off.
- Telemetry scans: Increase security with network telemetry that continuously scans IoT devices and Edge locations to report on performance and configuration.
- Incident response and remediation: Automated incident response in IoT devices, the Edge, or on-prem environments thanks to real-time visibility across an organization’s information security system, threat research based on historical data, anomaly detection, and 24/7 monitoring.
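The sketch below is an added example, not code from the original article. It shows how the visibility and "turn off unused connections" recommendations can be expressed as an automated policy: devices missing from an approved inventory go to a quarantine segment, and known devices are checked for services they should not expose. The inventory, MAC addresses, ports and VLAN ids are all constructed assumptions.

```python
# Added example: all names, MAC addresses, ports and VLAN ids are constructed.
from dataclasses import dataclass

QUARANTINE_VLAN = 999  # assumed id of the isolated segment

# Approved inventory: MAC -> (device name, production VLAN, services it may expose)
INVENTORY = {
    "00:11:22:aa:bb:01": ("hvac-controller", 20, {443}),
    "00:11:22:aa:bb:02": ("badge-reader", 30, {8883}),
}

@dataclass
class Decision:
    mac: str
    vlan: int
    close_ports: list
    reason: str

def normalize_mac(raw):
    """Canonicalize MAC notation so 'AA-BB..' and 'aabb.ccdd..' match the inventory."""
    digits = "".join(c for c in raw.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def decide(observation):
    """Map one observed device (MAC plus listening TCP ports) to a policy decision."""
    try:
        mac = normalize_mac(observation["mac"])
    except ValueError:
        return Decision(observation["mac"], QUARANTINE_VLAN, [], "malformed MAC")
    entry = INVENTORY.get(mac)
    if entry is None:
        return Decision(mac, QUARANTINE_VLAN, [], "unknown device")
    name, vlan, allowed = entry
    extra = sorted(set(observation["open_ports"]) - allowed)
    reason = f"{name}: unused services exposed" if extra else f"{name}: compliant"
    return Decision(mac, vlan, extra, reason)

# Constructed observations, as a discovery scan might report them.
OBSERVED = [
    {"mac": "00-11-22-AA-BB-01", "open_ports": [443]},
    {"mac": "0011.22aa.bb02", "open_ports": [23, 80, 8883]},
    {"mac": "de:ad:be:ef:00:01", "open_ports": [80]},
]

if __name__ == "__main__":
    for obs in OBSERVED:
        print(decide(obs))
```

In practice the decisions would feed a network access control system or switch configuration rather than being printed; that integration is outside what this sketch covers.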
Achieving all of these recommendations manually would require an army of dedicated security professionals, which is most likely financially impossible. Instead, the best route is to search for automated AI solutions that can help cope with all of these security protocols.
Artificial intelligence and automation are shifting the way cybersecurity is approached by companies, highlighting the need for more sophisticated tools to deal with more sophisticated attacks.
Recent research shows that investments in AI and automation pay off:
- Reduced total cybersecurity costs by at least 15%, citing efficiency and productivity gains.
- Reduced data breach costs by at least 18%, showing improvement in detection and response processes.
- Improved return on security investment by 40% or more, indicating the effectiveness of avoiding cyber risks.
Even the most cybersecurity-mature organizations are a work in progress. Cybersecurity is an ongoing endeavor that requires continuous learning, adaptability, and improvement, as the dynamic nature of the space and the systematic emergence of new threat vectors demand the prioritization of preparedness and resilience. A cyber attack is not a matter of “if” but “when” and to “what extent.”
As the IoT space continues to expand and evolve, so should your cybersecurity approach, employing only the smartest technologies that can not only handle but also proactively mitigate the cyber threats of today and tomorrow.
As published in Security Boulevard.