https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/mobile-logo.png
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
    • Back
    • Embedded IoT World (Part of DesignCon) 2022
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
    • Back
    • Embedded IoT World (Part of DesignCon) 2022
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Metaverse
  • Development
  • Security
ioti.com

Security


Thinkstock

Security is one of the top concerns regarding the Internet of Things.

7 Things to Know about IoT Security

Here are seven tactics OEMs and manufacturers can implement to bolster their customers’ security posture and mitigate risks posed by emerging IoT devices.
  • Written by John Sirianni
  • 2nd June 2016

When it comes to protecting the Internet of Things (IoT), traditional cybersecurity approaches are difficult to integrate and often don’t keep pace with operational IoT devices. While many security practices for embedded devices work by isolating systems, they only offer partial protection, solely protecting systems against known attack vectors.

The good news is that smarter tactics are currently being explored by enterprises today, especially for industrial systems. To prepare, OEMs and manufacturers should examine ways they can mitigate risks for securing IoT. Here are seven things to keep in mind:

1. Pay attention to the cloud.

With the influx of connected devices emerging, more information is moving from traditional on-premises systems into the cloud. This is a top challenge for OEMs and IT providers as they try to navigate IoT security, as many conventional security technologies only support on-premises systems.

 At the same time, hackers have their eye on the cloud. The cloud’s rise in popularity has quickly become a key target for cybercriminals, and weaknesses are found and exploited on a regular basis. The vulnerabilities of cloud-based infrastructure can wreak havoc on IT providers and system integrators. OEMs and system manufacturers should implement a cloud-based security solution that offers a secure online backup solution. This way, it ensures organizations don’t lose data when an endpoint is compromised. The solution should also provide online access to files from any IoT device.

2. More devices means more threats.

Devices are connecting to the internet at a rapid pace. According to Juniper Research, by 2020, the number of IoT-connected devices will increase to 38.5 billion, up from 13.4 billion in 2015. This increase of more than 200% is likely driven by a surge in connected industrial applications.

Monitoring activity can lower risks against the growing numbers of devices. Monitoring the reputation scores of IPs, URLs, files, and mobile apps that are related to an unknown object is an effective way to predict whether they pose a security risk, according to respondents in the Webroot 2016 Threat Brief. In addition, the continual, real-time monitoring and tracking of changes in IPs, URLs, files, and mobile apps is essential toward decreasing security incidents.

3. Threat intelligence will thrive.  

With the infiltration of modern malware, zero-day exploits, new advanced threats, and others, holistic approaches to security won’t succeed in the IoT era. Enterprises are struggling to keep pace with new connected devices. Discerning real threats from the lower-risk items is a key organizational pain point.

The heart of the issue is that threats have gotten through the defenses because they know how to beat the systems. This is because many organizations rely on out-of-date published blacklists of bad websites, URLs, and IPs. To compound that challenge, the IoT threat landscape changes daily. For example, more than 90% of phishing attacks generated from websites are detected and removed in under 24 hours. By the time a list is published, the attack has moved to a different website, rendering the list obsolete.

As a result, collective or shared threat intelligence will be a top priority for IoT security. There will be more collaboration regarding threat detection across industry sectors like healthcare and finance, as these verticals handle an abundance of sensitive data.

It’s clear that security problems shouldn’t be dealt with alone; using collective threat intelligence will help bridge the gap between prevention and detection. When IoT solution providers leverage a real-time service like the Webroot BrightCloud Threat Intelligence Services, which maintains up-to-the-minute accurate insight on malicious IP host servers and URLs, in-bound and outbound communications can be accurately assessed in real-time.

4. Know where your data lives. 

With so many third-party applications housing data, IT teams are often unsure where data resides or how data is being protected. If possible, organizations should consider keeping data in-house. However, large companies often don’t have the bandwidth or investments to support internal warehousing of data. Consequently, with files and services migrating to the cloud, the location of data increases complexity when it comes to protecting it. As such, knowing where the data is housed is a valuable resource.

During the recent T-Mobile data breach, Experian was responsible for T-Mobile’s customer data and, ultimately, the compromised the records of their customers. This can pose a problem for several reasons. If organizations are unaware of where data resides, they maintain less protection over it. Naturally, when your data is stored in a location out of an organization’s control, it becomes more difficult to monitor.

Industries and organizations will need to collaborate more aggressively as data is shared across verticals. Data may also be housed with the technology provider or another third party.

5. Don’t neglect the endpoints.

Endpoint software agents can leverage cloud-based real-time data like threat intelligence to prevent, detect, and block new cyber threats targeting IoT devices and systems. They can be designed into the devices and turned on anytime once deployed in operation.

It’s important to pay attention to gateways within the network. That’s because they can be used just like next-generation security appliances to inspect and filter all incoming and outgoing traffic between devices and their control systems in the local IoT platform or over the internet. By doing this, organizations will be able to detect malware before it reaches the network or any endpoint devices.

6. Engage with machine learning and automation.

Automation and machine learning will be a crucial component in IoT cybersecurity. Leveraging machine-learning technology allows organizations to draw correlations among the massive volume of data they collect, all in a streamlined manner. With the amount of emerging vulnerabilities, automation and machine learning are vital to combatting cybercrime effectively. Autonomous remediation of compromised systems is critical for continuity of service and to keep operational costs to a minimum. 

7. Remember that threats are always evolving.

IoT systems are growing in complexity, particularly as the physical and digital worlds collide. Since systems are leveraging technologies like sensors, controllers, routers, and gateways, it’s important to remember that any device can be monitored and protected.

In the coming months, embedded-system designers and IT providers must stay ahead of the curve to find and implement proper tools to fully secure all operations against advanced and evolving threats. It’s time to be proactive and keep the Internet of Things safe.  

Conclusion

Internet-connected devices within the industrial world have increased at an alarming rate. Businesses are faced with the ongoing challenge of guaranteeing superior security for emerging technologies that, when not properly secured, are creating large opportunities for hackers. What’s more, IoT security threats will only escalate in the foreseeable future as we continue to move toward hyper-connectivity and increased data sharing. By implementing smarter cybersecurity tactics, OEMs and manufacturers can bolster their customers’ security posture while mitigating security risks posed by emerging IoT devices.

This article originally appeared on our sister site Electronic Design.

Tags: Article Security Technologies

Related


  • IoT Security Firm to Acquire Medical Security Startup
    Claroty is set to acquire Medigate to grow its foothold in securing the Internet of Medical Things
  • Ransomware Attack Could Impact Paychecks
    The Kronos ransomware attack affected the company’s private cloud service over the weekend, knocking it offline just before the holidays
  • Image shows an abstract digital big data concept.
    BotenaGo Malware Targets Millions of IoT Devices
    AT&T Alien Labs identified the malware that has left millions of IoT devices exposed.
  • IoT Startup Raises $10M
    Platform aims to bolster network security with automated device configurations and visibility.

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Content

  • IoT Device Security at the Edge Poses Unique Challenges
  • Zero-Trust Security for IoT: Establishing Rigorous Device Defenses
  • AI Ups the Ante for IoT Cybersecurity
  • Protecting Your Network Against Ripple20 Vulnerabilities

Roundups

View all

IoT Deals, Partnerships Roundup: Google, Arm, Senet and More

26th May 2022

IoT Product Roundup: PTC, Nokia, Arm and More

19th May 2022

IoT Deals, Partnerships Roundup: Intel, Nauto, Helium and more

14th May 2022

White Papers

View all

The Role of Manufacturing Technology in Continuous Improvement Ebook

6th April 2022

IIoT Platform Trends for Manufacturing in 2022

6th April 2022

Latest Videos

View all
Dylan Kennedy of EMQ

Embedded IoT World 2022: Dylan Kennedy of EMQ

Dylan Kennedy, EMQ’s VP of global operations, sat down with Chuck Martin at Embedded IoT World 2022.

Embedded IoT World 2022: Omdia’s Sang Oh Talks Vehicle Chip Shortage

Omdia’s automotive semiconductor analyst sits down with Chuck Martin at this year’s event

E-books

View all

How Remote Access Helps Enterprises Improve IT Service and Employee Satisfaction

12th January 2022

An Integrated Approach to IoT Security

6th November 2020

Webinars

View all

Rethinking the Database in the IoT Era

18th May 2022

Jumpstarting Industrial IoT solutions with an edge data management platform

12th May 2022

AI led Digital Transformation of Manufacturing: Time is NOW

9th December 2021

Special Reports

View all

Omdia’s Smart Home Market Dynamics Report

7th January 2022

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

IoT Security Best Practices for Industry and Enterprise

20th October 2020

Twitter

IoTWorldToday, IoTWorldSeries

This white paper by @braincubeEn explores how the changes of 2020 and 2021 are shaping the future of #IIoT. Learn w… twitter.com/i/web/status/1…

27th May 2022
IoTWorldToday, IoTWorldSeries

UK Investing $50M for Self-Driving Buses, Vans dlvr.it/SR9QlJ https://t.co/sQdX2tJY4d

27th May 2022
IoTWorldToday, IoTWorldSeries

Dubai to Use Satellite IoT Terminals for Utilities Industry dlvr.it/SR9NQB https://t.co/GXf9Gx5RCw

27th May 2022
IoTWorldToday, IoTWorldSeries

@BerkshireGrey’s AI-powered next-gen warehouse robot is helping retailers by cutting times for order fulfillment, u… twitter.com/i/web/status/1…

27th May 2022
IoTWorldToday, IoTWorldSeries

Access the insights on IoT deployments, emerging tech and new applications now. Sign up to our dedicated… twitter.com/i/web/status/1…

27th May 2022
IoTWorldToday, IoTWorldSeries

Survey finds there's a lot of on-campus affinity for @StarshipRobots delivery #robots. dlvr.it/SR79YR https://t.co/73EaFPR6ft

26th May 2022
IoTWorldToday, IoTWorldSeries

That latest #IoT deals and partnerships news from @Google, @RedHat, @Arm, @SierraWireless, @ItronInc and more!… twitter.com/i/web/status/1…

26th May 2022
IoTWorldToday, IoTWorldSeries

@Ford is testing #geofencing tech that automatically cuts vehicle speeds. iotworldtoday.com/2022/05/26/for…

26th May 2022

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X