A Sense of Security Blog

Don't Leave a Black Hole in your IoT Security!

Step 1: Assume IoT Vulnerabilities

Step 2: Weed Through a Flawed IoT Security Market

The Internet of Things (IoT) is disrupting traditional networks. It’s enabling greater centralized control and management over more and more services and greatly expanding business opportunities across all sectors. We’re seeing rapid adoption of IoT for Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA), and it is increasingly employed across government, healthcare, retail and banking.

The picture of IoT connectivity that Gartner described in its Top Strategic Predictions for 2018 and beyond, presented at the Gartner Symposium/ITxpo 2017 in October, is extensive and shows no signs of slowing down. Of the 10 predictions outlined, the following two focused on IoT security.

IoT in Everything – By 2020, IoT technology will be in 95 percent of electronics for new product designs. With the technology evolution surrounding the IoT, it will become increasingly possible to add IoT features to a product at minimal cost.

While security challenges need to be sorted, suppliers should begin to think about how to implement this technology, toward which consumers will soon gravitate, into every electronics-enabled product.

Assume IoT Security Vulnerabilities – Through 2022, half of all security budgets for IoT will go to fault remediation, recalls and safety failures rather than protection.

Due to challenges in determining security risks and exposure for IoT, current budgets for security spend are minimal. However, the scale of IoT into various markets will outpace support systems, resulting in a need for recalls for devices that cannot be patched.

While there are countless benefits to IoT technology, the broadened attack surface introduces new security vulnerabilities, tearing down the walls of the “closed” technologies we used in the past. Connected organizations are more susceptible to common, yet advanced, attacks. In fact, one of the biggest obstacles in IoT security is identifying vulnerabilities: you can’t protect against something you don’t see.

Surprisingly, most of the “IoT security” solutions on the market today are fundamentally flawed and do not provide the complete visibility needed to secure IoT environments effectively. A major problem for most organizations is the inability to identify ALL leak paths in real time: not only the leak paths that exist today, but also new leak paths as they are created. Adding threat intelligence, as described below, provides security context on whether a leak path reflects unauthorized access, specific attack activity, a misconfiguration or an actual authorized change. Beyond that, Lumeta research has determined that, on average, over 40 percent of today’s dynamic networks, endpoints and cloud infrastructure are unknown, unmanaged, rogue or participating in shadow IT, leading to significant infrastructure blind spots for enterprise and government departments alike. This indicates a lack of the real-time awareness needed to prevent attackers from compromising systems. In addition, as attackers identify weaknesses in these solutions, those blind spots must be eliminated to prevent compromises and costly breaches.

Continuous changes to the network landscape, including infrastructure, operating systems and applications, can cause organizational security policy and network defense configuration to become misaligned, contributing to a proliferation of leaks. And it only takes one leak to allow malicious intrusion into a network. To truly protect your organization’s connected IoT environment, you need complete, real-time IP infrastructure visibility, real-time network change monitoring, and threat detection.

By enhancing Lumeta’s Recursive Network Indexing techniques with the context of network state change, obtained through analysis of network control plane protocols, the Lumeta Spectre platform provides authoritative cyber situational awareness in real time as mobile, virtual and cloud assets, and even the physical/software-defined network itself, change. It also proactively identifies leaks and exposed network zones to prevent network subversions.

To learn more, visit http://www.lumeta.com/spectre-iotics to see how Lumeta can help detect leak paths and segmentation misconfigurations and violations. You can also contact us here! Until then, we’ll have part two later this month, so stay tuned!