The Internet of Everything (IoE) is increasingly becoming a reality: according to Cisco, 50 billion devices will be connected by 2020. But as the boundaries between the physical world and the digital one blur, security challenges arise: security models need to change radically to provide the right level of protection for this new, hugely connected world.
Most organizations have a wide range of disparate technologies and processes to protect their information technology and operational technology networks as well as their physical spaces. Add to that consumer devices such as smartphones and tablets on IT networks and it’s easy to see that these networks combine to become IoT networks.
Companies can release security updates or patches when they learn about vulnerabilities in their devices, but who is going to do a software update on a refrigerator?
While governments and large organizations will focus on protecting their systems, it’s not clear who will look after small companies or individual consumers. Who will guard your grandmother’s car or refrigerator from being hacked, or if it is hacked, who will detect this and then notify your grandmother? A new model is needed that recognizes the exponential growth of the IoE and the challenges of multiple, proprietary interfaces for the IoE layered on top of TCP/IP.
The problem is particularly troubling in an industry where there are Internet routers in every office and a voice over Internet protocol phone on every desk. Even if attackers can’t get into your computer because it’s running anti-virus software, they can still get eyes and ears in your office by hacking a VoIP phone or video console unit. And since those devices are behind office firewalls, they might even be able to infiltrate network servers from there.
Current approaches to cybersecurity, i.e., relying on human experts to build and maintain tougher digital locks and more robust firewalls, will not be sustainable as the IoE’s potential attack surface expands: with billions of new devices now connected to the IoT (including smart meters, heating and air conditioning systems, health monitoring devices, remote sensors for gas and oil lines, etc.) and more devices connecting all the time, gaining visibility into these attack vectors is increasingly difficult.
Basically, the Internet of Everything generates an evolving threat model with increasing threat diversity: because of the variety of objects adversaries can target (many of which are in insecure locations), attackers are able to devise new methods the cybersecurity industry has yet to face and blend sophisticated techniques to accomplish their mission.
Moreover, risk and impact will escalate: sensitive data and personal information are flowing between process and business domains – from and through billions of connected devices, in secure and insecure locations throughout the world. And in an operational technology world, the impact of a breach can be much greater. For instance, if a hospital or medical care facility is attacked and systems needed for patient care or life support are impacted, the outcome is more severe than a computer system infected with malware in an IT environment. The ability to protect this data wherever it goes and however it is used must be addressed.
Thus the right model for IoE security will enable organizations to enjoy the benefits of IoE while maintaining a high level of data privacy and protection and ensuring reliable, uninterrupted service delivery.
Real-time, accurate visibility of devices, data, and the relationships between them will be a mandatory requirement for the future, to be able to manage billions of devices, applications, and their associated information. This requires true automation and analytics.
In this de-perimeterized environment, robust security requires the ability to identify threats based on an understanding of normal and abnormal behavior, make decisions, and respond rapidly: this is what makes it possible to create a predictive infrastructure, in a fragmented environment, that is able to challenge threats in anticipation.
According to Cisco, Fog computing models describe one way to address this IoE scale problem. The "fog computing" term comes from the meteorological effect of fog as a layer between the ground (IoE sensors) and clouds (cloud computing). This model addresses the IoE scale problem by inserting a gateway between a set of IoE sensors and the data center that gathers data from multiple devices. It then performs initial filtering and correlation before sending data to the cloud. This fog layer could analyze and correlate events across multiple IoE sensors and identify vulnerabilities. It could then mitigate by ignoring the compromised device and instructing the neighboring sensors to do the same.
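The fog-layer behaviour described above (filter, correlate across sensors, ignore the compromised device and tell its neighbours to do the same), sketched as an added example that is not Cisco's or the author's code. The `FogGateway` class, the median-absolute-deviation scoring, the thresholds and the instruction format are all assumptions made for illustration, and the sample readings are constructed.

```python
from statistics import median

MAD_CUTOFF = 3.5  # modified z-score threshold (assumed tuning value)
STRIKES = 3       # consecutive anomalous rounds before isolating a device

class FogGateway:
    """Hypothetical gateway sitting between a sensor group and the cloud."""

    def __init__(self, sensor_ids):
        self.strikes = {s: 0 for s in sensor_ids}
        self.quarantined = set()

    def process_round(self, readings):
        """readings: {sensor_id: value}. Returns (cloud_summary, peer_instructions)."""
        # Filtering: readings from isolated devices never leave the fog layer.
        live = {s: v for s, v in readings.items() if s not in self.quarantined}
        instructions = []
        if len(live) >= 3:  # need a quorum of peers to define "normal"
            med = median(live.values())
            mad = median(abs(v - med) for v in live.values()) or 1e-9
            for sensor, value in live.items():
                # Correlation: score each device against its neighbours' consensus.
                anomalous = 0.6745 * abs(value - med) / mad > MAD_CUTOFF
                self.strikes[sensor] = self.strikes.get(sensor, 0) + 1 if anomalous else 0
                if self.strikes[sensor] >= STRIKES:
                    # Mitigation: isolate the device and tell its trusted peers to ignore it.
                    self.quarantined.add(sensor)
                    instructions += [{"to": p, "action": "ignore", "device": sensor}
                                     for p in live if p not in self.quarantined]
        trusted = [v for s, v in live.items() if s not in self.quarantined]
        summary = {"median": median(trusted) if trusted else None,
                   "sensors": len(trusted),
                   "quarantined": sorted(self.quarantined)}
        return summary, instructions

# Constructed sample data: five room-temperature sensors; t4 misreports from round 2 on.
ROUNDS = [
    {"t1": 21.0, "t2": 21.3, "t3": 20.9, "t4": 21.1, "t5": 21.2},
    {"t1": 21.1, "t2": 21.2, "t3": 21.0, "t4": 85.0, "t5": 21.3},
    {"t1": 21.2, "t2": 21.1, "t3": 21.0, "t4": 86.0, "t5": 21.3},
    {"t1": 21.0, "t2": 21.2, "t3": 21.1, "t4": 90.0, "t5": 21.3},
    {"t1": 21.1, "t2": 21.2, "t3": 21.0, "t4": 88.0, "t5": 21.2},
]

if __name__ == "__main__":
    gw = FogGateway(ROUNDS[0])
    for number, readings in enumerate(ROUNDS, 1):
        print(number, *gw.process_round(readings))
```

Requiring several consecutive anomalous rounds before isolating a device keeps a single noisy reading from triggering a quarantine, and only the filtered summary is forwarded to the cloud.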
The market is shifting to incorporate higher levels of intelligence in the infrastructure, and the ultimate goal is to achieve an environment that is fully predictive and able to use machine-learning algorithms to improve efficiency and security. While security will never be fully automated, moving toward a predictive fragmented environment can result in broad visibility that helps preempt threats with cloud- and network-based intelligence.
Want to know more about Cyber Security? Start exploring Beyond the Buzz, the future trends magazine of Capgemini led by our CTO Lanny Cohen, reporting insights from all over the Group on innovative market trends topics and encouraging contact with our experts.