Protecting Your IoT Landscape: What's in it for Me!
With the increase in IoT deployments, particularly in industrial setups where a minor hiccup could cost you millions, the associated vulnerabilities are increasing day by day. “Shall I protect” or “Shall I open up” is what the CIOs are thinking. The traditional methods of protection will be counterproductive or prohibitive. Let’s unfold some of the thoughts here.
A long summer vacation was due and I thought of accompanying the family on their annual matriarchal visit. At the back of the mind was the impending completion of one of the IoT pilot projects. The concern was to create a security cover for the system, while keeping it available to every possible request.
Summer is quite hot and dry in Vadodara, which makes the insects come out and thus a feast time for reptiles. Saw one of them with a broken tail. The key word here is AUTOTOMY. Leave behind the injured part and grow a new stronger one. The proliferation of IoT in everything we do, and that too with its physical impact, makes us more vulnerable than ever. Earlier the code had the ability to hit another code, but now it has the power to hit us, the people. You would have heard of malicious code in a mobile phone to generate noise capable of damaging the eardrums.
In the world of connected machines, it will be too obstructive to create a layered protection against such attacks. Here the code has to protect itself, just like the autotomic lizard. The objects, classes and modules need to be written in a way that the system, when attacked, can detach itself from the damaged part and start rebuilding itself. It will get us the time required to react, rebuild, and divert the enemy.
Building a protective layer or a perimeter around IoT systems comes close to making them unusable, as it requires multiple dynamic handshakes across devices and their protocols. We need to shift our security mindset from "incident response" to "continuous response", where the systems are assumed to be compromised and require continuous monitoring and remediation. An adaptive security architecture is the best bet, and it requires less spend on prevention while investing in detection, response and predictive capabilities for the enterprise.
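The detach-and-rebuild idea above, as an added example that is not code from the original post: a supervisor measures each module, moves any module whose measurement drifted into quarantine for later analysis, and regrows it from a trusted builder. The names `Supervisor`, `Module`, `fingerprint` and the two module names are hypothetical, and a SHA-256 comparison stands in for whatever integrity measurement a real device would use.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Callable, Dict, List

def fingerprint(image: bytes) -> str:
    """SHA-256 of a module image; stands in for a real firmware/config measurement."""
    return hashlib.sha256(image).hexdigest()

@dataclass
class Module:
    name: str
    image: bytearray  # mutable so the demo can simulate tampering

@dataclass
class Supervisor:
    """Keeps a trusted builder and a baseline per module; sheds and regrows bad ones."""
    builders: Dict[str, Callable[[], bytes]]
    active: Dict[str, Module] = field(default_factory=dict)
    baseline: Dict[str, str] = field(default_factory=dict)
    quarantine: List[Module] = field(default_factory=list)  # detached parts, kept for forensics

    def start(self) -> None:
        for name in self.builders:
            self._rebuild(name)

    def _rebuild(self, name: str) -> None:
        image = self.builders[name]()  # always rebuilt from the trusted source
        self.baseline[name] = fingerprint(image)
        self.active[name] = Module(name, bytearray(image))

    def sweep(self) -> List[str]:
        """Detach every module whose measurement drifted, then regrow it."""
        shed = []
        for name, module in list(self.active.items()):
            if fingerprint(bytes(module.image)) != self.baseline[name]:
                self.quarantine.append(self.active.pop(name))  # detach the damaged part
                self._rebuild(name)                            # grow a clean replacement
                shed.append(name)
        return shed

def demo() -> List[str]:
    # Constructed sample: two modules of a hypothetical plant gateway.
    sup = Supervisor({"telemetry": lambda: b"telemetry-v1", "actuator": lambda: b"actuator-v1"})
    sup.start()
    sup.active["actuator"].image[0:3] = b"XXX"  # simulated tampering of one part
    return sup.sweep()
```

Running `sweep()` on a schedule and alerting on every non-empty result ties this to the continuous-response model: the quarantined copy is the evidence, the rebuilt module keeps the service available.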
It is always useful to fall back to the basics.
The timeless classic principle of security. Not only information security, but any security.
You must have seen the Bollywood movies where the expert would need x hours to break through the vaults, just in time before the police came in.
It is always good to buy more time. Simply stated, we try to address the asymmetric advantages that hackers have in time. Make it more difficult for the enemy to locate legitimate systems and vulnerabilities to attack by hiding or masking the system interfaces and information through a combination of fake systems, vulnerabilities and information.
And lastly, with so many devices and things to protect, it would still require a human eye which can identify the severity and criticality of an attack and notify the on-the-ground team. It is still a long way before the adaptive systems learn and build their intelligence, and they must be given enough time to create a reliable database. A SOC (Security Operations Center), dedicated or shared across the enterprise, can help build the security eye over these systems. Proactive exposure analysis is one of the KPIs for this group. With the latest intelligence gathered internally and externally, they will continuously assess the exposure and risk to enterprise assets against predicted and anticipated risks, and would recommend adjustments to enterprise policies or controls in the long term.