By Tyler Gannon, Vice President of Strategic Alliances, North America
Last week, President Biden issued a White House Brief expressing the need for the private sector to “harden your cyber defenses immediately.” This statement was aimed at critical infrastructure sectors which most regard as transportation, water, and energy. But the Cybersecurity & Infrastructure Security Agency (CISA) considers 16 sectors as part of our critical infrastructure and includes Communications, Commercial Facilities (like malls and stadiums), Critical Manufacturing, Agriculture, Health, Emergency Services, Financial Services, and several others. As President Biden stated, “most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors.”
The White House also released a Fact Sheet detailing the immediate recommended steps these companies controlling our critical infrastructure should take, including:
And long-term:
While companies like Microsoft and others have taken a leading stance on promoting Zero Trust Networking to help organizations meet the President’s Executive Order, most organizations will look first to implement Zero Trust security policies for their human users’ network identities when, in reality, the imperative applies equally, if not more urgently, to IoT devices and their machine identities.
IoT devices are deployed at greater scale than their human counterparts and usually have no associated “user” to pay attention to suspicious activity or take immediate action when an incident occurs. These devices are already present in great numbers across nearly all aspects of our critical infrastructure but are too numerous for traditional IT Security teams to effectively manage. As a result, they represent a significant threat target for “increasingly sophisticated malicious cyber campaigns.”
At Device Authority our entire focus is on helping organizations apply the same standards of security associated with Enterprise users to IoT devices.
Device Authority’s Keyscaler platform can help solve the problems noted above by fully automating the machine identity lifecycle for IoT devices (like rotating credentials based on policy addressing the issue of scale), and driving Zero Trust principles to the internet Edge where most of these devices operate. Further, to help our customers comply with the Biden Executive Order, Keyscaler’s capabilities include:
We work directly with chip manufacturers, device OEM’s, and IoT platform providers to easily integrate device-based security throughout its lifecycle, ensuring that “secure by design” extends all the way to “secure end of life.”
Find out more about the state of cybersecurity and the role of regulations in accelerating adoption in our upcoming webinar – click here to register.