Internet of Things: Dealing with the enterprise network of things
Download as PPTX, PDF1 like792 views
The document discusses the challenges and implications of integrating Internet of Things (IoT) technologies into enterprise networks, highlighting security vulnerabilities and the unpreparedness of device manufacturers. It emphasizes the need for planning, business engagement, and visibility to manage IoT security risks effectively. The recommended goals include establishing monitoring capabilities, quick detection of attacks, and automating security responses.
Internet of Things: Dealing with the enterprise network of things
- 1. The “Enterprise Network of Things” Piers Wilson Head of Product Management
- 2. What is the “Internet of Things” What are the security issues How can we solve (or avoid) these Agenda September 2014 © 2014 Tier-3 Pty Limited. All rights reserved. 2
- 3. Background – what is the “Internet of Things” The "Internet of Things” is the network of physical objects that contains embedded technology to communicate and sense or interact with the objects' internal state or the external environment Gartner • Common characteristics – Embedded/bespoke technologies – Network connected (Intra & Internet) – Cloud back-end for applications, web control, data tracking – Mobile/App/Web control interfaces September 2014 © 2014 Tier-3 Pty Limited. All rights reserved. 3 Image source: Gartner, 2014
- 4. Security issues will arise, and already are... • Overall track record on security is not good – Workstations, web applications, enterprise networks, open source code, centrifuges, operating systems, malware, mobile devices... • Device manufacturers are even less experienced at defending systems – Fridges, light bulbs, cars, HVAC systems, healthcare devices • Users generally don’t tend to enable security, or really care about it – Especially at work September 2014 © 2014 Tier-3 Pty Limited. All rights reserved. 4
- 5. Hypotheses IoT technologies (domestic or enterprise) will be connected to enterprise networks September 2014 © 2014 Tier-3 Pty Limited. All rights reserved. 5 IoT technology failure implications will be “real” and potentially serious/damaging/ life affecting IoT use will originate from the business or user communities - not from IT function IoT will involve mobile and cloud for access, control and storage – so these will be factors IoT devices will have vulnerabilities Hoping for “Secure” IoT devices that comply with standards is probably unrealistic IoT vulnerabilities will have knock-on effects and exposure other data, systems, networks, users Number/diversity will be greater than traditional technologies = more traffic
- 6. 1) Plan an IOT-aware enterprise network • The proliferation of connected IoT devices is expected to increase • IoT also means, consciously or not, embracing cloud access for users and the business as well as the adoption of mobile and wireless technologies • IoT, cloud and mobile connectivity will become normal and traditional security approaches will become less effective September 2014 © 2014 Tier-3 Pty Limited. All rights reserved. 6
- 7. 2) Drive business engagement in IoT • Develop security use cases for the business user communities in conjunction with user communities and security teams – Momentum as businesses seek to meet user, consumer, operational demands – Build security and risk reduction into interaction with the IoT world – Inaction or poor planning risks IT security becoming an impediment to future business activities • If connected devices / control systems are likely to be core to your business, then integrate specific security safeguards now, rather than trying to retrofit them later September 2014 © 2014 Tier-3 Pty Limited. All rights reserved. 7
- 8. 3) Strive for IoT visibility • IoT evolution is already well underway – with a growing range of security risks • Don’t expect to be able to define policies or sets of patterns or rules for “IoT Access Lists” or “Device Vulnerability Signatures” • Ensure appropriate visibility of technology environment and streamline reporting and compliance processes – Optimise and automate security processes • Have adequate systems and processes to be able to detect: – Connections and activity – Failures and compromises – Impacts on the operation of the IT environment and the business September 2014 © 2014 Tier-3 Pty Limited. All rights reserved. 8
- 9. Summary – 3 Goals 1. Have a network and system monitoring capability that is able to detect IoT technologies when they are connected and operating (and failing) 2. Ensure that if (when) IoT technologies are attacked or malfunction you can detect it quickly, investigate and respond in a timely manner 3. Automate responses and network security controls, predefine scripts and build timely fail-safe responses to foreseeable threats September 2014 © 2014 Tier-3 Pty Limited. All rights reserved. 9
- 10. Questions piers.wilson@tier-3.com +44 (0) 7800 508517 www.tier-3.com @tier3huntsman
- 11. About Tier-3 Huntsman® - and where to hear more ... • Tier-3 Huntsman® is a defence-grade intelligent threat detecetion and incident management solution • Real-time alerting, compliance monitoring & reporting for major security standards (PCI-DSS, ISO27001, GPG13 ...) - Speeding up the detection and response process - True Behavioural Anomaly Detection • Log, network, transaction and event data collection - Fully centralised / accessible through a single, unified interface • Ad hoc & scheduled compliance reporting • Advanced automation for information gathering and response • Comprehensive investigation / workflow capabilities Huntsman® enables organisations to satisfy monitoring and compliance requirements with minimum effort, maximum automation and low overhead