Drop the IT-Centric mindset: Securing IoT networks requires new thinking

Sugiarto Koh, Director for Cisco’s Security business in ASEAN | Feb. 5, 2015
Securing IoT networks must go beyond today's thinking. Rather than focusing on individual security devices, organisations need to network them so that they work together to produce comprehensive, actionable security intelligence.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

The Internet of Things (IoT) has become a popular topic of discussion in Singapore as it works towards its goal of becoming the world's first Smart Nation. Over the last decade, Singapore has built a robust infrastructural foundation to support IoT with its Intelligent Nation Masterplan (iN2015). Over the next decade, this infrastructure will play a critical role in the implementation of initiatives such as the Smart Nation Platform[1], which will use a nationwide sensor network and data analytics to develop smart, connected communities.

Although the transformative potential of IoT is well understood by the authorities, analysts, security professionals and other industry pundits, many of them still approach IoT with an IT-centric mind-set when technical details and security measures are discussed. This is due to the belief that IoT is mostly about the billions of new connected objects. While the dramatic increase in the number and types of connected objects expands the attack surface and dramatically increases the diversity of threats, these objects are only part of the IoT security challenge. In addition, the convergence of organisations' existing IT network with the operational technology (OT) network (including energy grids, transportation systems, and industrial control systems) expands the depth of security challenges and makes threat remediation remarkably more complex.

While IT and OT were once separate networks, they are now simply different environments within a single extended network. This, however, does not mean that they are the same. The architectures, operational needs, platforms, and protocols are vastly different for each of them, which drives radically different security needs for each. As a result, security architectures, solutions, and policies that have proven effective for years in the IT world often do not apply in OT environments. Attempts to enforce consistent security policies across the extended network are doomed to failure.

Protecting data confidentiality is IT's primary concern, so when faced with a threat, the immediate response is to quarantine or shut down the affected system. OT, however, runs critical, 24x7 processes, so data availability is the primary concern. Shutting down these processes can cost the organisation millions of dollars, so the cost of remediation may be greater than simply dealing with the aftermath of an infection. In addition, because OT is a human-based operation in what can be dangerous working conditions, the focus is on the safety of the operation as well as the employees. As a result of these main differences, the two groups approach security in completely different ways. While IT uses a variety of cybersecurity controls to defend the network against attack and to protect data confidentiality, OT views security more in terms of secure physical access, as well as operational and personnel safety.

 
