Symantec takes on the Internet of unsecured things
With the number of Internet of Things devices expected to reach 25 billion by 2020, there will be plenty of work ahead for those trying to secure connected systems. Symantec, for one, said it is already securing 1 billion devices – from televisions and cars to smart meters and critical infrastructure.
The company’s newest offering, Embedded Critical Systems Protection, protects IoT devices by locking down the software embedded in the devices to protect against zero-day attacks and prevent compromise. The lightweight security client is designed to secure the IoT by protecting the endpoint and embedded devices, and it can be integrated by device manufacturers or installed post market as part of an asset owner's cybersecurity strategy.
To embed security at the hardware level, Symantec is working with chip providers and cryptographic library partners, including Texas Instruments and wolfSSL, to combine Symantec’s Certificate Authority with the partner’s embeddable engines to create new “Roots of Trust.” These engines, Symantec claims, can be the cornerstones for devices to safely encrypt and authenticate information.
And to ensure that code running on IoT devices is authorized, Symantec provides code-signing certificates and a cloud-based signing-as-a-service for a number of code formats relevant to IoT.
Symantec’s plans to help enterprises address IoT security also include an IoT portal for managing security from a single interface, and security analytics for proactively detecting anomalies that might indicate stealthy attacks on IoT networks.
Connect with the GCN staff on Twitter @GCNtech.