Smarter security for smart devices
By Mitchell Bezzina, Senior Director, Product Marketing, Cloud-delivered Security Services, Palo Alto Networks
The dependency on IoT devices to enable business, capture data, and facilitate communication is pervasive and continuing to evolve. While some of the most striking benefits of IoT revolve around business process efficiency, productivity, and cost reduction, an increasing number of enterprises are also recognizing IoT as an extraordinary source of intelligence with the ability to surface patterns or trends within the information collected by these devices. Insights derived from IoT-generated data are proving to be invaluable to business decision-makers.
This evolution is also introducing new security challenges for network and security teams alike. Conventional network perimeter defenses and legacy processes are simply not equipped to address the surge of new IoT security issues. The transformation opportunity for IoT-enabled business models in the enterprise is massive. But to reap the benefits of transformation, enterprises need network security that reliably enables IoT.
Unique IoT Security Challenges
A growing number of IoT devices are virtually invisible in enterprise networks. From building and streetlight sensors, flow monitors, surveillance cameras to IP phones, point-of-sale systems, conference room technology, and so much more, IoT technology is on the network, in the organization, and expanding rapidly.
These devices significantly expand an organization’s attack surface. Security teams are now faced with new and escalating challenges which are unique to IoT security including visibility blind spots to inventory, threats, risks and IoT data.
Take a Lifecycle Approach to IoT Security
Strategically minded CISOs and security leaders are moving beyond legacy solutions and taking a complete IoT lifecycle approach, creating an IoT security posture that reliably enables IoT innovation and protects the network from existing and unknown threats. The lifecycle approach encompasses five critical stages of IoT security.
- Understanding IoT Assets
The first stage in the IoT lifecycle requires gaining full visibility into the IoT attack surface, including all known, unknown—and forgotten devices.
- Assess IoT Risks
With the full visibility and context gained for both managed and unmanaged devices in stage one, the risks these devices pose can be accurately assessed and monitored. Assessing risk in the IoT security lifecycle requires real-time monitoring that continuously analyzes the behavior of all the network-connected IoT devices.
- Automate risk-based security policy recommendations and enforcement
Taking into account that trust is in itself a vulnerability, an effective IoT security strategy must directly align with the principle of Zero Trust to enforce policies for least-privileged access control and network segmentation.
- Prevent Known Threats
The diverse nature and use cases for IoT devices identified in the previous stages create a highly distributed environment in the network with numerous points of compromise. Successful outcomes of the security posturing in stage four of the IoT security lifecycle will require actionable insights into the detection and prevention of known threats to the IoT devices for a swift response to threat mitigation.
- Detect & Respond to Unknown Threats
When it comes to detecting and preventing truly unknown threats, legacy strategies and technology isolate threat data each organization receives and generates, creating silos and reducing the possibility of prevention. To meet the requirements of the final stage of the IoT security lifecycle, security teams need new capabilities and insights that draw from crowdsourced threat intelligence. This last step will also uncover potential threats missed in earlier stages thereby creating a cyclical process for continual improvement.
To learn more about IoT security best practices, read The Enterprise Buyer’s Guide to IoT Security, from Palo Alto Networks.
About the Author
Mitchell Bezzina is the technology team leader with over 19 years of experience in information security and endpoint forensics. Over the past five years he has been focused on bringing new cybersecurity technologies and services to market. In 2018 he drove the XDR market revolution and industry creation while helping release Cortex XDR, the first product in this space. Mitchell is currently focused on emerging technologies like IoT Security and new innovations in Cloud-delivered Security Subscriptions.