Machine Learning For Better Security: Seven Key Findings On IoT Security

Today’s companies are moving toward digital transformation at great speed. The definition of your network is constantly changing – with hybrid clouds, IoT devices, and home offices. With data traffic growing at the “edge” of the network, the security risk is growing too, combined with frequent, severe, and sophisticated cyber attacks, as observed by Palo Alto Networks.

More than ever, companies need to end their dependence on reactive security measures and point solutions to protect themselves. Instead, it is essential to introduce intelligent, proactive network security based on machine learning (ML), which brings about a radical change of thinking in cybersecurity.

Seven key observations about IoT security in practice

  • More and more IoT devices are connected to the corporate network. These devices pose an increasing number of security risks. Approximately 45 percent of companies already have some IoT deployment, and another 26 percent plan to deploy IoT in the next twelve months.
  • Protecting IoT investments has become critical to business survival and thriving. Most companies agree, as 76 percent consider IoT security the top priority. However, only 16 percent feel ready to protect their IoT devices from threats and exploits.
  • IoT devices present unique challenges for security teams, and many IoT devices are introduced into organizations without the knowledge of IT. Protecting them is difficult enough; even identifying them on the network in the first place is a daunting task.
  • The most effective way to address security challenges posed by unmanaged devices on the network is to manage them. An IoT security solution identifies each device, determines which IoT devices are not running endpoint protection, and protects all devices regardless.
  • An ideal IoT security solution uses an ML approach. It seamlessly integrates all five phases of the IoT lifecycle – from discovering IoT devices and the associated risks, to helping assess vulnerabilities and implementing best practices, to controlling new risks when these inevitably arise.
  • An ideal IoT security solution enables security teams to monitor device risks proactively, detect anomalies, recommend and apply policies for enforcement, and prevent threats. At the same time, it guarantees the highest level of accuracy and transparency.
  • The ideal solution is easy to implement and comes with unique features and policy constructs already built in. It enables IT teams to apply contextual network segmentation to groups of devices to mitigate risk. It offers automation to minimize manual effort and prevention to eliminate known and unknown threats.

IoT Security: From Doorbells And Refrigerators To Nuclear Reactors

The Current And Future Relevance Of Cybersecurity In The IoT Context

As the world becomes more connected, more and more devices are being connected. The fitness tracker on the wrist transmits data wirelessly to the smartphone, which controls the entertainment hubs in the connected cars while driving. The smartphone is also the linchpin of most business connections – contacts, email, video conferencing, to name a few. Doorbells, thermostats, and refrigerators enrich the networked world and exchange data and commands with smartphones and other devices.

Any Network Is Only As Secure As Its Weakest Link

This network – the Internet of Things – will grow massively, as microchips are now embedded in billions of previously “silent” objects. From garbage cans to robots, from washing machines to production lines, many objects and devices will exchange data over an internet connection. The introduction of 5G ensures better connectivity than conventional fixed networks and, at the same time, enables the operation of large numbers of networked devices.

Wireless connectivity is now becoming feasible on a large scale. However, networking so many devices and objects wirelessly creates enormous security risks since any network is only as secure as its weakest link.

In the connected world, a $1 sensor can be connected to a $1 billion network. Cheap microchips are applied to objects and serve as sensors that measure data such as heat and wear. The sensors are small, light, and inexpensive, but they usually lack any security system.

In a spectacular hack in Las Vegas, cyber attackers penetrated the digital network of a casino. They gained access to the personal data of top-class customers via a heat sensor in the aquarium in the lobby. Cybersecurity experts uncovered the attack, but only after data had been leaked. This shows that unsupervised sensors in the Internet of Things create a world of danger. They are opening up more and more entry points through which attackers can break into networks.

Indeed, business leaders, finance directors, and operations departments are rightly focused on the connected world’s enticing commercial opportunities. But they also need to remain vigilant if the risk of a security breach increases. Therefore, security officers should hit the board’s table with their fists and insist on risk assessments, visibility, and segmentation.

As ubiquitous connectivity grows, the number of devices connected to networks will grow from thousands to millions for large organizations. The risks will spiral upwards. Businesses will need high-level tools based on artificial intelligence and machine learning to keep an eye on all of these devices. Sophisticated technology will also be required to scan the connected devices for security threats.

Overcoming The Existing Terminology

Security officers have the task of informing their board members about the risks of connectivity and defining the solutions and budgets necessary for security. The first place to start is in the terminology. The term “Internet of Things” gives a false sense of security. It’s an advertising term. Business people tend to associate the Internet of Things with consumer products like fitness trackers and refrigerators.

They imagine that the IoT is different from the Industrial Internet of Things (IIoT), which controls robots and production lines and other industrial networks such as OT (Operational Technology) and ICS (Industrial Control Systems). These industrial networks include, for example, those that are used in nuclear power plants that were the target of the famous Stuxnet attack. Today these systems are entirely segmented. However, part of the power to make things intelligent is precisely to connect them to other things to create even more intelligent systems.

As everything becomes more interconnected, the consumer IoT could quickly become a gateway to industrial networks. A company could set up an innovative vending machine in their office building and wirelessly connect it to a supplier over the internet to replenish the content. The vending machine would likely be on the same computer network as the building management system that controls the air conditioning and other functions.

This makes these systems prone to human error, such as temporary connections that are made under time pressure and then never removed. The company may also see value in connecting the industrial and business networks, which poses a risk.

In such cases, something as simple as an illegal software update loaded onto the vending machine could potentially send code to the production facility and shut it down. The result would be damage in the millions. This may sound like a doomsday scenario, but it’s perfectly feasible. Such attacks have targeted ATM networks, where attackers have injected code into the network to redirect funds.

Visibility Is Required

Another challenge lies in the plethora of protocols and languages networked devices use to send and receive data. Artificial intelligence and machine learning software can read and translate these languages. However, with new appliances and services appearing every day, this is a moving target, and the software must be checked regularly to ensure the most effective monitoring possible.

An essential step in securing a network is identifying its critical activities and surrounding them with protective measures. For manufacturing companies, the production line is a necessary process. The virtual machines need to be separated from other parts of the company’s internet network, such as marketing, sales, and accounting. For most companies, only five to ten percent of operations are critical. The segmentation of these assets is essential to protecting strategic operations from attack.

One of the most significant risks in the connected world is that something relatively trivial, like a cheap IoT sensor built into a doorbell or aquarium, could end up having a substantial impact on a business. This would be the case if such a component got into the wrong flow of communication and became an entry point for a cyber attack.

To address these risks, segmentation should be at the heart of any company’s associated strategy. That means defining the purpose and setting boundaries of every device and object connected to a network. The respective device should only be allowed to connect to those parts of the network that are necessary to fulfill a specific purpose. In 5G, a system known as network slicing helps with segmentation.

Network slicing separates mobile data into different streams. Each data stream is isolated from the next, so that video viewing can be done on a separate data stream from a voice connection. This divides the system into manageable sections, increasing security as the various operations remain separate and segmented. To achieve general segmentation, organizations must constantly analyze all of their connections, devices, and networked elements and have a clear idea of the purpose of each one.
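The purpose-based boundary described above can be checked against observed traffic: each device gets an allowlist of the only destinations its purpose requires, and every flow outside it is flagged. This is an added example, not part of the original article; the segment names, addresses, device names, and flow records are all constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed segment plan (names and address ranges are assumptions).
SEGMENTS = {
    "office": ip_network("10.10.0.0/16"),
    "building-mgmt": ip_network("10.20.0.0/24"),
    "production": ip_network("10.30.0.0/24"),
}
CRITICAL = {"production"}  # the small share of operations that must stay isolated

# Per-device purpose: the only (destination IP, port) pairs each device needs.
INVENTORY = {
    "10.10.5.20": {"name": "vending-machine", "allow": {("198.51.100.7", 443)}},
    "10.20.0.15": {"name": "aquarium-heat-sensor", "allow": {("10.20.0.2", 8883)}},
}

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.10.5.20", "198.51.100.7", 443),  # vending machine -> supplier (its purpose)
    ("10.10.5.20", "10.20.0.2", 502),     # vending machine -> building management
    ("10.20.0.15", "10.30.0.9", 445),     # heat sensor -> production segment
    ("10.10.9.99", "10.10.0.1", 53),      # source that is not in the inventory
]

def segment_of(ip):
    """Return the name of the segment containing ip, or 'external'."""
    addr = ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return "external"

def audit(flows, inventory=INVENTORY):
    """Flag flows from unknown devices and flows outside a device's purpose."""
    findings = []
    for src, dst, port in flows:
        device = inventory.get(src)
        if device is None:
            # Visibility gap: traffic from a device nobody has inventoried.
            findings.append(("unknown-device", src, dst, port))
        elif (dst, port) not in device["allow"]:
            # Segmentation gap; reaching a critical segment is the worst case.
            reaches_critical = segment_of(dst) in CRITICAL
            kind = "critical-segment-reach" if reaches_critical else "outside-purpose"
            findings.append((kind, device["name"], dst, port))
    return findings

if __name__ == "__main__":
    for finding in audit(FLOWS):
        print(finding)
```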

It’s About Ubiquitous Connectivity

The term IoT trivializes connectivity without urgently addressing the dangers. Business leaders tend to have different ideas about what IoT is all about. For some, it includes a printer connected to a home computer. For others, it extends to building management systems and intelligent electricity meters, while others understand it to be connections to industrial networks. Such confusion undermines the task of protecting and segmenting every device attached to the network.

For this reason, it would be better to speak of “ubiquitous connectivity” as this emphasizes the cohesive nature of the devices. However, the IoT is currently being advertised primarily as a profitable business opportunity without mentioning the risks. The term “ubiquitous connectivity” helps business leaders understand that there are security risks associated with connectivity. They should understand the importance of building visibility, monitoring, and segmentation into their strategies.