Even as the technology industry continues to scramble to protect personal computers, datacenters and other traditional IT systems from increasingly sophisticated cyberattacks, a new attack target has emerged – the Internet of Things (IoT). To protect their IoT applications from attack, organizations are working to adopt for the IoT the same cybersecurity strategy which has proven to be highly effective for traditional IT infrastructure – Defense in Depth. A Defense in Depth strategy leverages edge device, network and cloud security capabilities, along with end-to-end encryption, to create layers of protection that make it harder for an attacker to effect an IoT application, and easier to detect, isolate and remediate successful attacks. Implementing an IoT security Defense in Depth strategy is complicated, and often requires the creation of a large, dedicated IoT security team to effectively execute. However, a security orchestration approach to IoT security can simplify the implementation of a Defense in Depth strategy, and addresses the cost, complexity and other problems that have made it difficult and expensive for companies to build robust end-to-end security into their IoT applications.
The Unique Challenges Involved in IoT Security
IoT applications can be attractive targets for cyberattacks for a wide variety of reasons. An attacker may want to penetrate the application to steal data or disrupt operations in ways that either subtle (to make minor adjustments to sensor data to mislead business intelligence systems relying on that data) or overt (to disable the entire application with ransomware). They may want to penetrate the application in order to leverage the aggregate processing horsepower or internet bandwidth of a large number of IoT devices to mine cryptocurrencies or to operate mercenary “DDoS for hire” botnets. Or they may want to leverage an insecure edge device to launch a “pivot attack” on the network to which that device is attached. For example, in 2018 Darktrace reported an incident they investigated where a casino network was compromised and its high-roller database was extracted through an internet-connected thermostat used in the casino’s lobby aquarium. There are almost as many reasons to hack into IoT applications as there are IoT applications themselves.
Securing IoT applications against these myriad forms of attack is also more complicated than for traditional IT systems. First, the edge devices used for IoT applications are often low cost and easily obtainable, making it relatively easy to perform “tear downs” to identify exploitable vulnerabilities. Second, these edge devices are often deployed in accessible, unsupervised locations, which makes it easier to tamper with them without being detected. And third, IoT application edge devices are often deployed in large numbers with tight constraints on their bandwidth and battery power, making it more difficult to deploy security updates in a timely fashion.
Benefits of Defense in Depth
A Defense in Depth cybersecurity strategy can address many of the unique challenges related to IoT application security. Such as strategy strives to slow down and dramatically increase the cost of an attack by forcing the attacker to circumvent multiple security mechanisms in order to gain access to the target. This discourages most attackers who don’t have a specific interest in the IoT application. For example, crypto-miners and DDoS botnet operators will in general move along to easier targets if they are frustrated by an attack. At the same time, Defense in Depth also slows down more persistent attackers, while also providing the IoT application owner with more opportunities to detect their efforts and deploy countermeasures before the attackers can achieve their goals.
Defense in Depth takes many forms, and IoT application designers should strive to deploy as many of them as possible. For example, designers should ensure their Defense in Depth strategy forces an attacker attempting to intercept communications from an edge device to the cloud to compromise a cellular carrier firewall to access a private APN, then a VPN tunnel between the device and the cloud, and then penetrate application-layer encryption to get at the actual data.
No system can be made perfectly secure, but like medieval castles, IoT Defense in Depth mechanisms like those described above complement each security mechanism (moat, castle wall, keep) with another, making it much more difficult for an attacker to fully penetrate the application. When properly executed, such a strategy will frustrate attackers and cause them to give up, and also increase the probability that an attack is detected before it can succeed or cause significant damage.
Large, Dedicated IoT Security Teams – Effective, But Resource-Intensive
However, implementing an IoT Defense in Depth security strategy is complicated, as companies need to manage security on different types of devices, multiple connectivity service providers and various cloud service providers. They need to ensure all these security mechanisms are kept in synch and work smoothly together. The entire process is both difficult and time-consuming – much more so than web or other types of applications.
Some larger companies have succeeded in implementing IoT Defense in Depth strategies by creating dedicated teams of experts versed in the security of the key elements of an IoT application (edge device, network connectivity and cloud management). These experts implement a Defense in Depth strategy by ensuring each element of the application has the most up-to-date security possible, while also coordinating to protect the points where each element integrates with the others. This approach can be effective, especially as the resulting Defense in Depth strategy is specifically designed to address the vulnerabilities of the company’s particular IoT applications. However, this approach is complicated, and requires the investment of extensive time and resources.
For example, an IoT security team still has to manually configure their VPN for different devices, different network connectivity service providers and different cloud service providers. All the edge device and network firewalls must be kept in sync, with trusted hosts added to white lists, along with new ports and protocols. This approach, using different interfaces to adjust the security of each element of an IoT application, also increases the chance of human error, leaving open a vulnerability that an attacker could exploit. In addition, the costs and difficulties involved in recruiting, hiring, retaining and coordinating large teams of dedicated IoT security experts make this approach difficult, if not impossible, for small and medium-sized firms, preventing them from implementing strong IoT security Defense in Depth strategies.
Security Orchestration: A Different Way to Easily and Cost-Effectively Implement IoT Defense in Depth
Increasingly, companies are considering an alternative approach for implementing an IoT application Defense in Depth strategy – security orchestration. For most companies, a security orchestration approach allows them to implement a robust Defense in Depth strategy with a much smaller dedicated security team, and thus lower initial and ongoing costs.
A security orchestration approach simplifies the implementation of an IoT Defense in Depth strategy by providing companies with a solution to orchestrate the deployment and management of layers of protection around all elements of the IoT application – edge device, network connectivity and cloud. Security orchestration solutions not only provide multiple layers of protection for the IoT application, but also simplify security management by allowing the IoT application’s owner to define a high-level security plan, and then apply and manage this plan from a single “pane of glass.” Using this single interface, users can configure and update security provisioning on all their devices, connectivity providers and clouds, and easily designate who their edge devices can and cannot communicate with (using whitelists and blacklists) and how they communicate (ports and protocols).
Key Considerations When Adopting a Security Orchestration Approach for Your IoT Application
For a security orchestration approach to be effective, the security orchestration solution needs to be built and maintained by a company with its own experts in all elements of IoT security – edge device, network connectivity and cloud. In addition, security orchestration does require IoT application owners to use a single solution (compromising devices, network connectivity and cloud management software) for their applications, limiting their flexibility when it comes to “mixing-and-matching” elements from different providers in their applications.
However, such an adjustment is well worth the benefits of a more cost-effective and robust Defense in Depth IoT security strategy, especially for small and medium-sized firms where investment in a large, dedicated IoT security team is cost-prohibitive. In a world where IoT applications are playing an increasingly important role in companies’ digital transformation strategies and the number of cyberattacks continues to grow, security orchestration offers companies an opportunity to implement a simple, affordable end-to-end IoT Defense in Depth strategy that allows them to better protect their IoT data from being stolen, altered or lost.
