The 'Internet of Things' is driving new security concerns that require new approaches.
This is according to Jayson O'Reilly, director of sales and innovation at DRS, who says the Internet of Things is not just about consumer devices and critical infrastructure; it presents enterprise with myriad risks on a daily basis.
According to O'Reilly, new types of devices are being hacked into and taken over by cyber criminals - from GPS, to cars, to baby monitors.
In addition, O'Reilly says, the advent of malware such as Stuxnet and Flame has proven that SCADA systems are vulnerable to attack, meaning critical infrastructure is not as secure as we once imagined it to be.
Unfortunately, bring your own device (BYOD) is drowning the enterprise - clever devices with not-so-clever security are attaching to the enterprise network daily, posing a very real risk. He also points out that although most harm caused these days is digital, the threat of physical harm is not far off.
"One only needs to imagine the potential consequences of attackers taking over an airport's air traffic control, or a country's water supply. There are very real consequences. These potential consequences mean our thinking around security needs to be adjusted."
O'Reilly believes a major issue faced by embedded systems and machine-to-machine (M2M) platforms is the crossing over of physical and logical security, as a vulnerability in the one could possibly affect the other.
"Cyber security depends a lot on physical security, as threat actors who can gain physical access to a machine can, in almost all cases, use that access to further their nefarious aims."
He adds that any device that plugs into the network must be protected to ensure it cannot be used as a conduit for further malicious activity. For O'Reilly, businesses must bear in mind that, over and above a business' sensitive data, a compromised network allows access to all other security controls, such as video cameras and access controls.
"The blurring of these boundaries, and the addition of systems to the IT infrastructure, is making the lines of what is or is not a targetable asset unclear. However, what is clear is that what must be protected goes way beyond information. Physical systems must be safeguarded too."
He says this is where forensics and situational awareness come in - everything needs to be tracked and monitored, and how each system works must be clearly understood, particularly how they relate to other systems.
A proper security plan must be in place and must be designed holistically. A team dedicated to governance and organisation, that is responsible for the overall design and implementation of policies and procedures, is a big help, says O'Reilly.
Businesses must ensure that the needs of all departments and all stakeholders are met, and that any security protocols and measures have the flexibility to be managed across the various silos, without impacting on efficacy.
There is no doubt that the integration of physical and logical security domains will lead to better all-round security for any business, he stresses. "A good starting point is to ask several questions, such as what the most important information and assets for protecting are, where they are located, and how security can be built around them."
Combining logical and physical security processes and tools reduces complexity in the management of the security infrastructure, and at the same time, dramatically increases an organisation's visibility into its resources - making the detection of problems far easier. It also helps prevent security incidents, and offers a platform to better respond to and mitigate any incidents that do occur, he concludes.
Share