Locking down networks when IoT opens the door
- By Matt Leonard
- Jul 19, 2017
The internet of things is here to stay, according to the Environmental Protection Agency's Sean Kelley. “We are addicted to the data that these things bring,” the agency's chief information security officer told an audience at the AFCEA Energy and Earth Science IT Symposium.
Securing IoT-connected systems, however, has proved difficult.
Security systems can send real-time alerts when IoT sensors are showing abnormal behavior, Cisco's Principal and Director of Security Brian Tillett said, but they must know the baseline operations of both the network and the connected devices.
”You can’t detect something abnormal unless you know what normal is in the first place,” Tillett said. Once systems know what should happen, “anything outside of this throws you an alert,” he said.
Citrix CSO Stan Black agreed with the importance of understanding the network. Agencies should know what sensors push to what ports, which protocols they use and what their daily behavior looks like.
“Once [a sensor is] in the wild and it's out in your infrastructure, it may never see the light of day for support, patching, etc., so contain, control and mitigate,” Black said.
Agencies should determine why IoT is important to their missions and weigh those benefits with the real security risks, which Kelley compared to an insider threat.
“Once I allow the internet of things or any sensor or research device on the network, it's just like an inside user, it's the biggest threat I have inside the network,” he said.
Virtualized environments and segmentation can help secure IoT-enabled networks, “but there is no easy solution to this," Kelley said. "It's not going to stop because users are always going to want the next greatest thing.”
Matt Leonard is a reporter/producer at GCN.
Before joining GCN, Leonard worked as a local reporter for The Smithfield Times in southeastern Virginia. In his time there he wrote about town council meetings, local crime and what to do if a beaver dam floods your back yard. Over the last few years, he has spent time at The Commonwealth Times, The Denver Post and WTVR-CBS 6. He is a graduate of Virginia Commonwealth University, where he received the faculty award for print and online journalism.
Leonard can be contacted at firstname.lastname@example.org or follow him on Twitter @Matt_Lnrd.
Click here for previous articles by Leonard.