Here's What You Can Do to Secure Your Network as the Internet of Everything Nears

a-image/Shutterstock.com

Featured eBooks
Space Tech
Read Now

CDM

Read Now

Digital Transformation

Read Now
Steve Martino By Steve Martino

By Steve Martino

|

A “network as a sensor” approach can help IT security teams leverage mobile, cloud and IoE endpoints to increase transparency.

Steve Martino is the vice president and chief information security officer at Cisco.

The Internet of Everything, the intersection and connection of people, processes, data and things, holds great promise for creating greater operational efficiencies within government entities. It has the potential to help with everything from traffic jams to safety in public parks. Cisco predicts that by the year 2020, 50 billion devices will be Internet connected. As government agencies continue to bring more and more devices from disparate suppliers into their network, cybersecurity models need to radically change.

The huge number and diversity of connected devices and associated applications is challenging our cybersecurity assumptions. It is therefore imperative that security models change to integrate broad-based network visibility and big-data collection that can be leveraged to create the depth of visibility needed to take informed security action and protect against all attack vectors.

Multiple potential threat models make a compelling argument for giving the network the capabilities of a giant sensor. For example, imagine a district office with power switches that associate with wireless access points. An attacker sitting in the parking lot of the office could potentially control all the electrical outlets associated with those wireless access points and turn off the lights or power down HVAC systems. Now, imagine such an event happening at a police station or public utility. It’s about more than just theft or service disruption.

There is now a larger attack surface as well as considerable threat diversity that adversaries can target.

IoE will inevitably involve a great number of endpoints with poor security posture and poorly written protocol implementations; the lowest-cost production hardware and software will be used. Attacks against newer wireless technologies such as Bluetooth and near field communication increase presage what is on the horizon for early implementations of new IoE devices.

By taking a threat-centric, “network as a sensor” approach, IT security teams can leverage mobile, cloud and IoE endpoints in new ways to increase transparency and build actionable information. A balanced IoE security model has two goals: a high level of data privacy and protection and reliable, uninterrupted service delivery. The model consists of three pillars that connect with one another: visibility, threat awareness and action.

True automation and analytics are required to get the real-time visibility in billions of devices, data and the relationships between them. Humans alone won’t be able to scale with the environment to provide this level of insight.

It is essential we overcome complexity and fragmentation in our environments. Threat awareness works with the amorphous perimeter, presuming compromise and honing our ability to identify threats based on understanding normal and abnormal behavior, identify indicators of compromise, make decisions and respond rapidly.

Modern-day security requires predictive infrastructure that changes in anticipation of potential threats. Currently, it’s too expensive and too unwieldy to monitor every single east-west network connection. Security teams are dependent, therefore, on devices that emit data that can be consumed by another device. The goal is to embed security visibility and control into as many devices under IT’s control as possible and combine this with current network policies, making the network a vast, extensible sensor.  

Scaling for IoE is an issue, but one that so-called fog computing models can address. This model addresses the IoE scale problem by inserting a gateway between a set of IoE sensors and the data center that gathers data from multiple devices. It then performs initial filtering and correlation before sending higher-order data to the cloud. This fog layer could analyze and correlate events across multiple IoE sensors and identify vulnerabilities. It could then mitigate by ignoring the compromised device and instructing the neighboring sensors to do the same.

While the majority of security teams have critical controls available, they lack the visibility and intelligence needed to update them. The market is shifting to incorporate higher levels of intelligence in the infrastructure, and the ultimate goal is to achieve an environment that is fully predictive and able to use machine-learning algorithms to improve efficiency and security. While security will never be fully automated, moving toward fog computing can result in broad visibility that helps preempt threats with cloud- and network-based intelligence.

The Internet of Everything’s billions of connected devices present a threat landscape larger than can be protected using current strategies. Fortunately, the network can be used to protect itself by using all those networked devices as sensors. Fog computing will also play a role, enabling a predictive security environment. This will bring greater visibility and control to IT security teams, creating not just a proactive but also a predictive protection stance.

(Image via a-image/ Shutterstock.com)

NEXT STORY: 5 Things You Need To Know About the USA Freedom Act

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.