How to Protect All Five Stages of the IoT Security Lifecycle


By Mitchell Bezzina, Senior Director, Product Marketing, Cloud-delivered Security Services, Palo Alto Networks

The dependency on IoT devices to enable business, capture data, and facilitate communication is pervasive and continuing to evolve. While some of the most striking benefits of IoT revolve around business process efficiency, productivity, and cost reduction, an increasing number of enterprises are also recognizing IoT as an extraordinary source of intelligence with the ability to surface patterns or trends within the information collected by these devices. Insights derived from IoT-generated data are proving to be invaluable to business decision-makers.

This evolution is also introducing new security challenges for network and security teams alike. Conventional network perimeter defenses and legacy processes are simply not equipped to address the surge of new IoT security issues. The transformation opportunity for IoT-enabled business models in the enterprise is massive. But to reap the benefits of transformation, enterprises need network security that reliably enables IoT.

Today, IoT devices account for more than 30% of all network-connected enterprise endpoints.

Unique IoT Security Challenges

A growing number of IoT devices are virtually invisible in enterprise networks. From building and streetlight sensors, flow monitors, and surveillance cameras to IP phones, point-of-sale systems, conference room technology, and so much more, IoT technology is on the network, in the organization, and expanding rapidly.

These devices significantly expand an organization’s attack surface. Security teams now face new and escalating challenges that are unique to IoT security, including blind spots in their visibility into inventory, threats, risks, and IoT data.

Take a Lifecycle Approach to IoT Security

Strategically minded CISOs and security leaders are moving beyond legacy solutions and taking a complete IoT lifecycle approach, creating an IoT security posture that reliably enables IoT innovation and protects the network from existing and unknown threats. The lifecycle approach encompasses five critical stages of IoT security.

  1. Understanding IoT Assets

The first stage in the IoT lifecycle requires gaining full visibility into the IoT attack surface, including all known, unknown, and forgotten devices.

  2. Assess IoT Risks

With the full visibility and context gained for both managed and unmanaged devices in stage one, the risks these devices pose can be accurately assessed and monitored. Assessing risk in the IoT security lifecycle requires real-time monitoring that continuously analyzes the behavior of all the network-connected IoT devices.

  3. Automate Risk-Based Security Policy Recommendations and Enforcement

Taking into account that trust is in itself a vulnerability, an effective IoT security strategy must directly align with the principle of Zero Trust to enforce policies for least-privileged access control and network segmentation.

  4. Prevent Known Threats

The diverse nature and use cases for IoT devices identified in the previous stages create a highly distributed environment in the network with numerous points of compromise. A successful security posture in stage four of the IoT security lifecycle requires actionable insights into the detection and prevention of known threats to IoT devices, so that teams can respond to and mitigate threats swiftly.

  5. Detect & Respond to Unknown Threats

When it comes to detecting and preventing truly unknown threats, legacy strategies and technology isolate the threat data that each organization receives and generates, creating silos and reducing the possibility of prevention. To meet the requirements of the final stage of the IoT security lifecycle, security teams need new capabilities and insights that draw from crowdsourced threat intelligence. This last step will also uncover potential threats missed in earlier stages, thereby creating a cyclical process for continual improvement.

To learn more about IoT security best practices, read The Enterprise Buyer’s Guide to IoT Security, from Palo Alto Networks.

About the Author

Mitchell Bezzina is a technology team leader with over 19 years of experience in information security and endpoint forensics. Over the past five years he has been focused on bringing new cybersecurity technologies and services to market. In 2018 he drove the XDR market revolution and industry creation while helping release Cortex XDR, the first product in this space. Mitchell is currently focused on emerging technologies like IoT Security and new innovations in Cloud-delivered Security Subscriptions.

Mitchell Bezzina can be reached online at mbezzina@paloaltonetworks.com and at our company website https://www.paloaltonetworks.com/
