Internet of Things networks of connected devices can generate mountains of data in a matter of seconds, enabling projects like smart cities and autonomous cars, and fundamentally changing what’s possible in enterprise and consumer services. We’re likely to see more use cases emerge in the coming years, as the number of IoT devices is set to increase; by 2025, it is projected that there will be 75.44 billion connected devices.
However, IoT technology is still kind of like the Wild West – while the possibilities that come along with exploring this untamed territory are seemingly endless, the risks associated can be extremely high. In the first half of 2018 we saw a 29 percent increase in DDOS attacks, which can be directly attributed to IoT. Now more than ever, cyberattacks have the power to spread from end user to end user with incredible speed, making it even harder to pinpoint the genesis of the attack given the massive number of connected devices on the network.
Despite the security risks, enterprises cannot afford to ignore the significant use cases as connected devices move from the well-understood traditional endpoints to connected IoT sensors attached to almost any device. The advent of 5G will enable enterprises to collect and analyze vast amounts of data from IoT edge devices around the globe, paving the way for cost and performance reductions, but the need to protect the valuable data on these devices will be an opportunity for the bad-guys who will want to either steal or control it.
Operators should view this as not only an opportunity to fortify their networks against cybercriminals but as a competitive advantage to offer services to spot and mitigate risks as more operations move to the edge. With a proliferation of endpoints and more avenues into the network, there must be a massive shift from a “reactive” mode of operations to a “predictive” mode of operations. Furthermore, as 5G rollouts continue across the globe, the attack surface will only increase. 5G networks will enable and support new services and users via IoT devices, exposing the network to severe threats.
Here are a few best practices when it comes to managing IoT security issues.
Start with the Network
A perimeter-based security approach is no longer sufficient when today’s era of cybercriminals can launch an attack from any and all sides using a variety of vectors. Protection must be embedded into the network fabric to further strengthen lines of defense, enabling real-time monitoring and detection.
To thwart potential attacks, businesses need a comprehensive security policy that leverages automation, anti-malware software and firewalls while also regularly documenting their cybersecurity policies. Security cannot be an afterthought – it must be built in from the very beginning to every component of the network. Starting from the network means that you are applying security to the broadest number of endpoints possible, so even if embedded security has not always been a consideration when rolling out new solutions, this will ensure the best possible coverage and awareness as new solutions are considered and deployed.
Automation is Your Friend
According to a recent study by the Ponemon Institute, security automation increases the productivity of IT security personnel and more accurately correlates threat behavior to better address the volume of threats. Security programs powered by automation are by design, nimbler and more actionable, and even the most seasoned security teams can benefit from this additional help. Investing in solutions that are able to glean insights from network automation tools can quickly interpret data into actionable insights, empowering security teams to better pinpoint security threats.
Education is Key
There is a serious skills gap when it comes to implementing security automation technology. This problematic shortage is only opening businesses up to greater vulnerabilities. Until we can close this gap, network equipment and security solutions with built-in automation and seamless integration will be key. A well-rounded security posture calls for comprehensive training programs for anyone who is, or will be, involved in managing the IoT environment. Consider training at the start of any IoT deployment and ensure that staff are well-versed in the workings of any new solution before it is designed and implemented on your network. Vendors will have both product specific and general cybersecurity training options.
How Will IoT Security Fare in the 5G Era?
If IoT is the promise, then 5G is the enabler. As we enter the 5G era, having sound IoT security strategies in place will only become more critical. Enterprises should embrace the opportunities that come with adopting IoT. But in order to make their investment worthwhile, enterprises must first ensure they have a security plan for hyper-connectivity at hyperspeeds that accounts for even more connected devices.