Securing the Internet of Things
This post in the Internet of Things series turns to security. Security has always been a first-order concern in distributed systems, even at the scale of a few dozen devices. Now consider the same problem when people routinely speak of billions of connected devices communicating across global networks of every size and kind.
Securing infrastructure at that scale requires a different approach, since perfect security is not achievable. Operations technologists (those running manufacturing plant floors or civil infrastructure such as power grids) have relied on physical separation of their systems, but the benefits of IoT are too great for siloed operation to continue.
As Maciej Kranz wrote in his book, Building the Internet of Things, there are several aspects to the required security model:
- A risk-based approach
- Defense in depth
- Joint IT/OT cooperation
Risk-based. It may seem obvious, but too many security conversations are not well grounded in risk. Risks must be understood and quantified across the enterprise, and ultimately the ordinary enterprise cannot have more at risk than it is worth. Even the costs of large and notorious breaches, such as the 2013 Target point-of-sale breach, can be calculated.
Within a mature security program, therefore, security is a specialized form of risk control (the well-known CISSP certification is built on this premise). Risks emerge and require a lifecycle of identification, analysis, prevention, mitigation and continuous review. If a specific risk is no longer material, scarce resources are better spent fixing a higher-priority one.
Defense in depth. “Crunchy on the outside, soft and chewy on the inside” is the hacker’s description of an organization that spends all its resources on perimeter defense. Stuxnet showed that physical separation alone is not enough: the worm crossed the “air gap” on infected USB drives, then altered the logic of the Siemens programmable logic controllers driving the uranium-enrichment centrifuges and destroyed them.
There are many ways to make an intruder’s life difficult even after they have penetrated a system: network segmentation, data leakage protection, recognition of anomalous network traffic patterns and more. One element to watch: distributed IoT devices “in the field” will increasingly be protected by video feeds. Motion-activated cameras are falling in cost and have modest bandwidth and power requirements; some can even run on solar panels, so expect to see them more and more often as a backup, physical layer of control.
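As an added example (not part of the original post), the check below shows what segmentation enforcement and traffic-pattern recognition look like when applied to OT flow records. The asset inventory, the role-based segmentation policy, the learned baseline and the sample flows are all constructed for illustration; a real deployment would feed them from the inventory system and flow collector.

```python
"""Segmentation and traffic-pattern check over OT flow records.

Added example: the policy, inventory, baseline and flows below are constructed.
"""
from collections import namedtuple

Flow = namedtuple("Flow", "src dst port proto")

# Hypothetical segmentation policy: source role -> permitted (destination role, port) pairs.
# Sensors may only push Modbus/TCP to the historian; HMIs reach the SCADA server and historian;
# only the historian crosses into IT, and only to the database.
POLICY = {
    "sensor": {("historian", 502)},
    "hmi": {("scada", 44818), ("historian", 502)},
    "historian": {("it-db", 5432)},
    "scada": set(),
}

# Constructed asset inventory: address -> role. Anything not listed is an unknown endpoint.
INVENTORY = {
    "10.10.1.11": "sensor",
    "10.10.1.12": "sensor",
    "10.10.2.5": "historian",
    "10.10.3.2": "hmi",
    "10.10.4.7": "scada",
    "10.20.0.9": "it-db",
}


def check_flows(flows, inventory=INVENTORY, policy=POLICY):
    """Return (flow, reason) for every flow the segmentation policy does not permit."""
    findings = []
    for f in flows:
        src_role, dst_role = inventory.get(f.src), inventory.get(f.dst)
        if src_role is None or dst_role is None:
            # Unknown endpoints are findings in themselves: the inventory is the ground truth.
            findings.append((f, "endpoint not in inventory"))
        elif (dst_role, f.port) not in policy.get(src_role, set()):
            findings.append((f, f"{src_role} -> {dst_role}:{f.port}/{f.proto} not permitted"))
    return findings


def new_conversations(flows, baseline):
    """Return (src, dst, port) triples never seen in the learned baseline.

    Even a permitted flow is worth a look the first time a device starts a new conversation.
    """
    seen = {(f.src, f.dst, f.port) for f in flows}
    return sorted(seen - baseline)


# Constructed baseline of conversations observed during a quiet learning period.
BASELINE = {
    ("10.10.1.11", "10.10.2.5", 502),
    ("10.10.1.12", "10.10.2.5", 502),
    ("10.10.3.2", "10.10.4.7", 44818),
    ("10.10.2.5", "10.20.0.9", 5432),
}

# Constructed sample flows for one collection interval.
SAMPLE_FLOWS = [
    Flow("10.10.1.11", "10.10.2.5", 502, "tcp"),     # sensor -> historian: permitted, in baseline
    Flow("10.10.1.12", "10.10.4.7", 22, "tcp"),      # sensor -> SCADA over SSH: sensors never do this
    Flow("10.10.2.5", "10.20.0.9", 5432, "tcp"),     # historian -> IT database: permitted, in baseline
    Flow("10.10.3.2", "10.10.2.5", 502, "tcp"),      # HMI -> historian: permitted but never seen before
    Flow("10.10.3.2", "203.0.113.8", 443, "tcp"),    # HMI -> unknown external host
]

if __name__ == "__main__":
    for flow, reason in check_flows(SAMPLE_FLOWS):
        print(f"VIOLATION {flow.src} -> {flow.dst}:{flow.port}: {reason}")
    for triple in new_conversations(SAMPLE_FLOWS, BASELINE):
        print("NEW CONVERSATION", triple)
```

The two functions answer different questions: check_flows enforces the policy (a sensor opening SSH to the SCADA server, or an HMI talking to an address nobody inventoried, is a violation whatever the baseline says), while new_conversations catches permitted-but-unusual behaviour that a static policy would wave through.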
Security must be end-to-end: every conversation and handoff must run over secured links, with trusted encryption and appropriate segmentation. Policy-based infrastructure managers (Chef, Puppet, Ansible, SaltStack and the like) that continuously monitor and correct drift from the desired state are essential. They must themselves be monitored and well secured, since compromising them hands over the “keys to the castle.” The drift they report may well indicate adversary action rather than sloppy administration: a setting that keeps reverting to a weaker value deserves an investigation, not a silent re-apply. Automated, intelligent analytics and predictive analysis are essential for scaling to IoT volumes.
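To make the drift point concrete, here is an added example (not part of the original post, and not Chef, Puppet, Ansible or SaltStack code) of the comparison such a manager performs for one hypothetical field gateway, extended with the triage step argued for above: drift on security-critical settings is escalated for investigation instead of being quietly corrected. The desired state, the observed state and the list of security-critical paths are constructed for this example.

```python
"""Desired-state versus observed-state drift detection, with security triage.

Added example: DESIRED, OBSERVED and SECURITY_CRITICAL are constructed for one
hypothetical field gateway; they are not a real tool's data model.
"""

# Desired state as a policy-based manager would hold it (constructed).
DESIRED = {
    "sshd": {"PasswordAuthentication": "no", "PermitRootLogin": "no", "Port": 22},
    "firewall": {"inbound": ["22/tcp from 10.10.5.0/24", "8883/tcp from 10.10.2.0/24"]},
    "users": ["gateway-svc", "ops-admin"],
    "mqtt": {"tls": True, "broker": "broker.ot.example"},
}

# Observed state pulled from the device during a run (constructed).
OBSERVED = {
    "sshd": {"PasswordAuthentication": "yes", "PermitRootLogin": "no", "Port": 22},
    "firewall": {"inbound": ["22/tcp from 10.10.5.0/24", "8883/tcp from 10.10.2.0/24",
                             "4444/tcp from 0.0.0.0/0"]},
    "users": ["gateway-svc", "ops-admin", "support"],
    "mqtt": {"tls": True, "broker": "broker.ot.example"},
}

# Paths where drift weakens authentication, exposure or transport security
# (an assumption for this example; each site decides its own list).
SECURITY_CRITICAL = {
    "/sshd/PasswordAuthentication",
    "/sshd/PermitRootLogin",
    "/firewall/inbound",
    "/users",
    "/mqtt/tls",
}


def diff_state(desired, observed, path=""):
    """Yield {"path", "desired", "observed"} for every leaf or list that differs."""
    if isinstance(desired, dict) and isinstance(observed, dict):
        for key in sorted(set(desired) | set(observed)):
            yield from diff_state(desired.get(key), observed.get(key), f"{path}/{key}")
    elif isinstance(desired, list) and isinstance(observed, list):
        # Lists are compared as sets so that ordering differences are not reported as drift.
        if set(desired) != set(observed):
            yield {"path": path, "desired": desired, "observed": observed}
    elif desired != observed:
        yield {"path": path, "desired": desired, "observed": observed}


def triage(drifts, critical=SECURITY_CRITICAL):
    """Attach a severity and action to each drift record.

    Security-critical drift is escalated for investigation before anything is corrected,
    since an attacker who enabled password logins or opened a listener will simply do it
    again; everything else is re-applied as routine configuration management.
    """
    findings = []
    for d in drifts:
        severity = "high" if d["path"] in critical else "low"
        action = "investigate before correcting" if severity == "high" else "re-apply desired state"
        findings.append({**d, "severity": severity, "action": action})
    return findings


if __name__ == "__main__":
    for f in triage(diff_state(DESIRED, OBSERVED)):
        print(f"[{f['severity']}] {f['path']}: desired={f['desired']} "
              f"observed={f['observed']} -> {f['action']}")
```

Run against the constructed states, the three drifts (password authentication re-enabled, a world-reachable inbound rule on 4444/tcp, and an extra “support” account) all land on security-critical paths and are escalated; a changed MQTT broker hostname, by contrast, is ordinary drift that is simply re-applied.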
Joint IT/OT cooperation. This series previously examined the relationship between IT (Information Technology) and OT (Operations Technology). To reiterate: neither can address security concerns by itself, and the legacy of misunderstanding and mistrust between them needs to end. Operational facilities are increasingly connected, and the growing consensus is that the benefits (for example, fewer site visits by staff) can outweigh the risks. Without a comprehensive security architecture protecting the IoT devices and their communications, however, the risks are enormous. IT must apply state-of-the-art network security (authentication and access control, encryption and appropriate segmentation), and OT must contribute its domain expertise and the best current thinking of its suppliers. A clear, quantified and rational understanding of the risks involved must inform both.
Conclusion. Understanding and securing complex IoT infrastructures will always require the “ground truth” of knowing which devices, software and services are present. Building and reconciling that data foundation is a hard problem that requires state-of-the-art analytics. Blazent has the market-leading algorithms required for accurate inventories (which are core to identifying gaps and prospective breach points) as your information technology and operational technology scale into the new world of the Internet of Things.