IoT use cases span a wide range of applications and verticals, from Automotive, Industrial, Medical and Retail to Government/Federal and more. Businesses that operate across these sectors are all embracing “IoT” and the value it can bring. This growth in IoT and its use cases is clearly going to continue, but not without significant adverse impacts. One of these is that it helps fuel the increase in cyberattacks, which seem to grow day after day and are becoming more disruptive and, unfortunately, more destructive for businesses and society.
There are many solutions out there that can help mitigate cyberattacks, all of which fall into the segments specified in the NIST Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover (https://www.nist.gov/cyberframework). It’s critical that organizations keep IoT devices safe and secure, and put the right solutions in place to prevent cyberattacks.
The initial focus of a would-be attacker is to identify a weak entry point to an Enterprise network. IoT devices are a prime target here, simply because they don’t typically operate inside an Enterprise network perimeter; in fact, most IoT devices by their very nature operate way beyond the bounds of this perimeter. A robust, hardened IoT device is a must, along with a strong device identity, as this essentially becomes the new network perimeter!
In the cybersecurity world, many measures are needed to ensure devices are kept safe and secure. A lot of focus is spent on device security, where secure-by-design approaches have been adopted. Clearly this is a good place to start, but the device is only one element, and a holistic “end to end” approach needs to be considered. Also, nothing is static in IoT: vulnerabilities will be found and devices will be compromised, so what matters is how you manage all of this. This drives a concept of “Resilience by design”, incorporating continuous assurance & authorization, to meet the needs of IoT use cases today and tomorrow. This means we must:
As you can see from the diagram above, continuous authorization & assurance doesn’t come from one thing. It’s a combination of many things: device attestation/identity, SBOM validation, device state & context validation, policy enforcement, and integration with 3rd party MDR (Managed Detection and Response) vendors to improve device visibility and monitoring. Employing this type of framework can only help improve the cybersecurity posture of any IoT use case, protect Enterprise networks and help reduce risk.