By Simon Bryden, Manager Consulting Systems Engineering
Internet of Things (IoT) devices are everywhere. From consumer devices such as connected thermostats and door-entry systems to Industrial IoT (IIoT) such as actuators and sensors, these smart and connected devices are increasingly being deployed in all areas of industry - manufacturing, oil and gas, energy, mining, and agriculture.
It’s all about the data! The value and intelligence derived from the data that is extracted from these devices is priceless with endless opportunities for organizations or individuals. IoT adoption figures confirm this growing importance: connected devices have exponentially increased in the last 5 years, with approximately 20 billion devices in 2020 and around 75 billion planned by 2025.
This acceleration will be fueled by 5G. For most people, 5G is associated with faster downloads to their mobile phones. However, the real driver for 5G will not be phones but IoT as it will bring powerful capabilities such as high device density and highly reliable communications with very low latency. In addition, cheap sensors can be built with a low operational cost, identity management, authentication and authorization mechanisms, as well as roaming and mobility.
A big issue is that the IoT devices market isn't regulated and homogeneous. With cheap consumer IoT, there is not a significant demand nor budget for security, and as such, it tends to be somewhat forgotten.
Best practices to protecting IoT in a 5G world
The reality is that no device is truly secure, and for that reason, we need a comprehensive and integrated approach to security that can deliver the following three key capabilities:
- Visibility - Having a global view of the system and its components, understanding which devices are connected to the network, and whether they are operating normally is key.
- Prevention - IoT devices often have limited connectivity needs, and segmentation can be used to restrict access. Application-aware firewalls can ensure that only authorized protocols and applications are allowed, and intrusion prevention can detect and block any attempts to scan for vulnerabilities or security holes, and prevent any attempt to exploit those vulnerabilities. The next-generation firewall provides all of these security tools and many more, and should include an Industrial package that understands all of the protocols and applications that are commonly used in industrial networks. For the IoT infrastructure and ecosystem, most communication is via REST APIs, so a dedicated tool here is required to ensure that any attempts to gain access or exploit these APIs is detected and stopped.
- Real-time detection and mitigation - Despite best efforts to block an attack, we must always assume that one day the attack will succeed. Following a successful exploit, there is a period where the attacker will try to get as much information as possible about the environment, try to determine where are the high-valued assets, and how best to monetize the breach. This means that there is a short window of opportunity to detect the breach, identify the compromised devices, and remove them from the network, to ensure that the breach is contained and the attack blocked. Here a full range of solutions for Anti-botnet, Compromise Detection, User & Endpoint Behaviour Analysis, designed to detect infection as soon as it happens, is necessary.
In conclusion, the steps to securing IoT in a 5G era won’t be any different than what we see in other ecosystems: an integrated and holistic security architecture is necessary, to provide not only the visibility required to see and identify these devices but also deliver the prevention and detection components needed to mitigate the effects of an attack.