sb-as logo
Story image

IoT bringing more security concerns, says expert

The rise of the Internet of Things across industries is bringing with it a new wave of security concerns, and business need to be aware.

That’s according to security specialist firm Palo Alto Networks, who says IoT is ushering in a fourth wave of the industrial revolution.

Multiple industries such as manufacturing and healthcare are leveraging connected devices to better manage Industrial Control Systems (ICSs), the company says. However, it warns this new capability is also raising new security concerns, and companies need to take measures to address them. 

“Mixing operational technology systems and information technology systems by way of IoT devices can increase the threat surface and open up new ways for hackers to breach sensitive organisational networks,” explains Gavin Coulthard, systems engineering manager for Australia and New Zealand at Palo Alto Networks.

“This can result in data and financial losses, infrastructure damage, and damage to an organisation’s reputation.” 

Coulthard says there are several steps businesses can take to protect an Industrial Internet of Things  infrastructure: 

Implement layer-7 inspection technologies for improved visibility  Granular visibility of ICS protocols is a helpful step to increasing intelligence over data traffic, Coulthard says.

“Linking this visibility to users and inspecting file-bearing applications is an essential part of this process. Next-generation firewalls employing advanced deep-packet inspection technology can help to deliver this capability,” he says. 

Apply zero-trust network segmentation  According to Coulthard, it is important to apply zero-trust rules with access allowed on a ‘least privilege’ basis, where users are given access only to the systems they need to carry out their duties.

“This approach can result in a marked reduction in the number of vectors that can be used by an attacker, while also providing better correlation between user and application.” 

Use modern tools for preventing zero-day attacks  So-called zero-day attacks exploit previously unknown vulnerabilities in computer code to breach systems, Coulthard says.

Tools that can detect and prevent such threats at both the network and the endpoint levels are now essential for protection. “A combination of malware ‘sandboxing’ solutions and advanced endpoint protection technology can help reduce the success of such attacks,” he explains.

Secure mobile and virtual environments  Coulthard says mobile devices should be checked for proper configuration before being allowed to access the network and, once on the network, applications should be limited to reduce the potential attack vectors.  

For virtual environments, virtualised firewall technology should be used to provide better visibility to data traffic,” he says. 

Use a cohesive security platform  “Many legacy ICS environments don’t have adequate security, and those that do often use security systems with point solution architecture,” says Coulthard.

“This can hamper performance, incident response, and administration. Next-generation firewall architecture, on the other hand, along with new models of centrally-connected endpoint security measures, support optimal operation and threat detection.”

Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Link image
Don't let ransomware have the last laugh
Veeam's free ransomware prevention kit will stop criminals in their tracks.More
Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More
Story image
Average person has 100 passwords - study
The average user has about 25% more passwords compared to earlier this year.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More