Designing an IoT-Centered Security Strategy Fit for Your Business

As digital transformation strategies continue to evolve and expand within the enterprise technology landscape, especially through Internet of Things (IoT) solutions, security threat vectors have become more prevalent than ever.

This constant evolution and transformation can be difficult to manage, and the architectures of IoT platforms and ecosystems — which can include multiple connectivity patterns that span heterogeneous industries and networks — can exacerbate this challenge. These complexities within IoT often result in project failures and, because these projects often do not include consideration into security strategies and solutions, they can leave networks vulnerable to attacks.

What are the best ways to leverage digital transformation and IoT efforts while keeping your network protected from threats? Here are a few key strategies to keep in mind before beginning your next IoT or digital transformation initiative.

While past security strategies focused primarily on information technology (IT) management with respect to how and where enterprise data is accessed, today’s landscape demands a shift in scope.

As technology segments like IoT evolve, attack surfaces have expanded beyond traditional IT borders and into operational technology (OT) environments like:

• Enterprise things, often used in office automation to collect data. These include devices like cameras, physical security access systems, occupancy sensors and smart building automation.

• Industrial things, which include OT devices in machine automation and industrial processes like safety monitoring equipment, industrial machines, vibration sensors or heat sensors.

Historically, OT environments were not managed with IT security solutions or frameworks. In some cases, organizations believed that they did not need to manage OT or IoT devices at all because they were on separate, air-gapped networks with no way for a security breach to occur.

Unfortunately, this is not actually the case. In fact, these air-gapped devices are often connected to outside networks, leaving them vulnerable to cyberattacks.

So, how big is this OT/IoT attack surface? The risk may be greater than you think.

The “trifecta” of IoT attack surfaces include:

• IoT devices

• Communication protocols

• The applications layer

As organizations adopt more and more IoT solutions to aid in their business transformation initiatives, dependence on these devices can outpace their ability to secure them. A successful security strategy must be incorporated at each of these layers.

So, where should you start?

As the security threat vector expands, safely onboarding and managing new IoT devices in a way that works best for your environment is crucial. IoT devices must be secured end-to-end — from the edge device which does the initial processing to the core or cloud, where the data is ultimately being analyzed.

For organizations that don’t currently manage their IoT devices, this can be a daunting task. This is where zero-trust architecture comes in.

The zero-trust security model is guided by the principle of, “never trust, always verify.” This means that organizations should not automatically trust any user who requests access to a site, app or device inside or outside its perimeters; instead, the organization must verify anything and everything trying to connect to its systems before granting access.

A successful security resiliency plan must include a strong authentication strategy and least privilege access to limit impacts to:

• Identities

• Apps

• Networks

• Critical infrastructure

• Data

A zero-trust strategy can also help guard your IT and OT environments from vulnerable, unprotected systems.

Many OT environments can be difficult to update, keeping them from functioning properly and leaving them susceptible to attacks. However, by isolating unpatched, out-of-date OT devices as part of a zero-trust design strategy, you can protect both the devices themselves and your total environment from potential cyberattacks.

One constraint on an organization’s ability to implement a zero-trust strategy is the “human factor.”

In some environments, the required processes for a zero-trust security strategy cannot be deployed due to resource constraints or financial limitations. In other cases, the design is not inclusive of all potential threat vectors, third-party contractors or outside vendors. In any case, the best path forward is to spend additional time during the planning process ensuring that you have the resources, budget and personnel to move your strategy forward.

Constraints aside, applying a zero-trust methodology to your IoT project is critical to supporting a secure environment.

Some of the key zero-trust strategies are:

• Strong authentication methods

• Using network segmentations

• Least access policies

To be successful, a zero-trust strategy must be applied to each layer of your IoT infrastructure. The first step is to identify your networks’ most critical and valuable data, assets, applications and services. Because IoT systems are often interconnected with mission-critical systems, it’s crucial that each of these assets are prioritized and protected.

What are the other potential security risk vectors in IoT? Let’s take a step back in time and discuss the “great divide” between OT and IT environments.

The Purdue Model for industrial control system security was created in the 1990’s as a best practice framework for the relationship between industrial control systems and business networks, now commonly called OT and IT networks.

The Purdue Model contains six functional levels in its architecture:

• Level 0: Physical processes

• Level 1: Basic control

• Level 2: Area supervisory control

• Level 3: Site control

• Level 4: IT systems

• Level 5: Corporate networks

This model was designed at a time when all data lived within these levels and connectivity was restricted (or air gapped) from transferring between level 0 and level 5. Today, however, this is not always the case.

IoT technology often bridges the gap between OT and IT systems to derive insight with IT systems. This means that IoT must connect Level 0 assets with Level 4 IT systems to derive insight and improve operations or safety. The connection of these two levels can potentially impact both operations and technology.

Another challenge with this model is the rise in networking options for IoT devices which transcend traditional network environments. These include cellular, Zigbee, Z-Wave and others.

IoT as a new technology platform has created several challenges for IT security teams, such as:

• Unmanaged original equipment manufacturers (OEMs) accessing machines for support

• Unmanaged assets connected to the outside from your OT environment

• Legacy installations that have not been properly upgraded and are incompatible with security solutions

• OT networks that were initially designed to be highly segregated are now connected to the outside

• Open, unmanaged ports on a variety of systems

• A lack of governance standards across all security teams (product, supply chain, physical and cybersecurity), which bad actors can use to breach organizations

As our systems and technology solutions continue to evolve, our governance models must evolve as well. One of the most evolutionary trends happening today is the integration between OT and IT security governance models.

For decades, experts have focused on IT system security and physical security as two separate components. OT environments were not part of the same conversation because, using the Purdue Model, they were traditionally air gapped or segmented from IT systems. Because these two environments are now converged today, the security model must be integrated as well.

Where should you start when it comes to integrating all environments in your security model?

Here are seven ways to evolve your security practice:

1. Create steering committees with representatives from each environment.

2. Design change control practices that include both operational and physical security technology changes along with patching events.

3. Conduct regular security assessments that include network segmentation reviews, endpoint management reviews and threat intelligence reviews.

4. Ensure your incident response plans are all-inclusive. These should include representatives from enterprise technology and IT.

5. Create a Chief Security Officer (CSO) role that incorporates previously siloed security disciplines under one governance model.

6. Consider integrating security information with event management (SIEM) or security orchestration automation and response (SOAR) solutions.

7. Don’t overlook basic best practices for your OT and IT environments, which include: Owning and identifying all assets across all environments; measuring reports of attacks or failure to comply with standards; examining security models and continuously improving when possible; implementing best practices across your entire enterprise to limit break impacts; monitoring all assets.

Implementing a successful security strategy that includes separate security strategies is no longer an option; an all-inclusive enterprise approach that incorporates end-to-end security is essential.

Before planning your next IoT or digital transformation project, consider working with an industry leading partner with vast expertise in both security and IoT solutions to ensure your enterprise IoT solution is as secure as possible.