The National Institute of Standards and Technology (NIST) created guidelines for labeling Internet of Things (IoT) devices to ensure cybersecurity across the supply chain.
A single application may have hundreds of thousands of vulnerabilities. Increasingly, cybercriminals are targeting people just as much if not more than the systems that underlie an infrastructure, which is why the trusted insider conundrum is exacting renewed attention. In most instances, they represent a cheaper and more accessible conduit to achieve one’s objective. What’s to be done?
Your next home will be connected in creepy ways. It will take a while, but eventually every machine and device in your house will talk to everything else, and Consumer Electronic Show (CES)-born inspiration will be at their roots. From e-toothbrushes to connected e-toilets that can detect a health issue (Really!), the items in your home will be controlled via the internet and will be everywhere. But what does that mean for security?
Without effective cybersecurity protection, any connected medical device – including infusion pumps, pacemakers, smart pens, vital signs monitors, and more – is at risk of attack, whether it is connected to a hospital network or is one of the millions of distributed devices not connected to any network. This jeopardizes the lives of the millions of patients who depend on them.
While the technical root causes are the same, the impact of an IoT botnet attack on consumer versus enterprise and industrial devices is vastly different. An attack on a consumer gadget could be limited to a privacy issue, whereas the effect of a successful breach on a commercial device can have a significant production or safety cost. That’s why it’s more critical than ever for IT and OT security professionals to understand and be prepared to defend against this growing threat.
As with any new disruptive innovation, we must strive to strike a balance between risk and reward. While it’s exciting to ponder the possibilities of a world powered by 5G and an constellation of connected things, we must first establish a secure foundation to support these innovations. A software-based, Zero Trust security framework represents our best chance at securing the Edge from the connected things of tomorrow.
There is no one-size-fits-all IoT security solution. Organizations need to spend time selecting an IoT solution that maps to their unique business needs to ensure they’re able to maximize the investment’s potential without creating any security liabilities. Here’s what enterprises need to consider when creating their IoT deployments.
While the burgeoning world of IoT has transformed the ways in which we live and work, the world of IoT has also caught the attention of cybercriminals. As IoT devices become increasingly more advanced, hackers have simultaneously become more sophisticated in their attacks, often targeting pre-existing security loopholes to gain access to company systems.
In part 1 of this series, we covered why Distributed Internet of Things devices are attractive and vulnerable targets for cyber criminals and hackers. Now we turn our attention to strategies for protecting these devices, which in turn, helps to protect your entire network.
