Cyber Defense eMagazine May 2019

More documents

Recommendations

Info

SOAR: The Key to Building a Trustworthy Iot By Cody Cornell, founder CEO, Swimlane and Trent Hein, co-CEO, Rule4 Gadgets and devices connected through the internet of things (IoT) are infiltrating every aspect of our daily lives. From our personal spaces to our businesses, the easily deployable control and sensor technology promotes healthy living, staying connected, improved operational efficiencies, unmanned control and so much more. With giant corporations such as Amazon, Google, Microsoft, and others investing billions of dollars in the IoT space, it’s apparent the IoT is changing our lives and the future of business. Digital transformation has spurred a modern-day industrial revolution as organizations strive to achieve better productivity and management of processes and assets. The rapid proliferation of networkconnected devices has created opportunities for smart analytics and machine learning, predictive maintenance, remote monitoring and increased quality management. In fact, according to a 2017 forecast by Gartner, the number of IoT devices in use will grow to a staggering 20.4 billion by 2020. This rapid escalation is creating a more collaborative, productive and profitable opportunity for information sharing across organizations, which comes with a bevy of both positives and negatives. Industrial Internet of Things IoT extends well beyond smart devices in the home and into business/industry. Often called the industrial internet of things (IIoT), this specialized area of the IoT landscape is rapidly growing. From facilities management systems (i.e., HVAC, lighting and access control) and industrial process control systems on factory floors to network-connected treadmills at the gym and on-mountain pass readers at ski resorts, organizations are increasingly deploying embedded devices throughout their networks. Each of these devices can be either a source of data about the environment (including, in some cases, consumer usage patterns) or a way to control a component of the environment. 28
Whether it’s malicious outsiders or employee sabotage, the stakes are much higher in the industrial internet of things, where business continuity and personal safety are both at risk. And the rapid increase in IIoT devices has expanded the attack surfaces and threat vectors the cybersecurity industry is facing on a daily basis. IIoT <strong>Cyber</strong>security: A Great Concern <strong>Cyber</strong>security is not always considered as a top priority during an IIoT product's design phase. Because the IIoT is a burgeoning market, many product designers and manufacturers are more concerned with rapidly getting their products to market, instead of taking the necessary steps to build cybersecurity in from the start. From default passwords to a lack of computing resources necessary to implement effective cybersecurity, many IIoT devices do not or cannot offer adequate cybersecurity protection features. As a result, bad actors are scanning for IIoT vulnerabilities at a frenetic pace. In fact, according to “The CEO’s Guide to Securing the Internet of Things,” experts have seen a dramatic 458 percent increase in IoT vulnerability scans against devices since 2013, with scans representing adversaries looking for weaknesses in your network defenses. While the analysis and distribution of collected information and data is essential for device developers and manufacturers to derive predictive models, managing the overwhelming amount of data remains a privacy concern as well. The expectation of the public is when companies handle data, they will handle it securely. Unfortunately, as recent high-profile examples have illustrated, that notion is not aligned with reality. Today, the IIoT focus is primarily on integration and convergence across industrial verticals. As such, implementing a robust cybersecurity program for IIoT requires a complicated combination of architecture, technical and integration controls as well as adaptation of traditional cybersecurity platforms. And while executing a credible approach to cybersecurity is one thing, the ongoing operational management of authentication credentials and operations, especially for large deployments of non-homogenous devices, is equally important. Automation Traditional cybersecurity does not always work with IIoT device deployments. For example, IIoT platforms struggle to verify the authenticity of 10,000 IIoT devices when they don’t have associated users to enter a user name and password. A major challenge is keeping IIoT devices updated and secured throughout their lifecycles. As IIoT device adoption increases, automation becomes an essential component of cybersecurity. Automation is crucial when you think about the vast number of connected devices and applications in our daily lives. Because it’s impractical to manage the configuration of 10,000 devices manually, we need to step out of the traditional IT mindset that a human is going to “touch” a device to harden it from a 29
Page 1 and 2: 5 Reasons Why Cloud Security is Imp
Page 3 and 4: Data Sniffing is Threatening Your P
Page 5 and 6: CEO, Cyber Defense Media Group Publ
Page 7 and 8: 7
Page 9 and 10: 9
Page 11 and 12: 11
Page 13 and 14: 13
Page 15 and 16: Your website could be vulnerable to
Page 17 and 18: 17
Page 19 and 20: Cloud computing helps organizations
Page 21 and 22: the day, if the customer data store
Page 23 and 24: 8 Cybersecurity Practices In Health
Page 25 and 26: V. Amplified M&A activities in the
Page 27: 7. Maintain Compliance with HIPAA T
Page 31 and 32: About the Authors Cody Cornell is t
Page 33 and 34: altered. And with the decentralized
Page 35 and 36: Simplifying Cybersecurity Deploymen
Page 37 and 38: If you do not want Alert Logic auto
Page 39 and 40: Backups like The Last Resort The im
Page 41 and 42: About the Author Pedro Tavares is a
Page 43 and 44: Legacy Infrastructure Legacy infras
Page 45 and 46: Enterprise Insider Threats on The R
Page 47 and 48: Your Security Teams are Destroying
Page 49 and 50: Using Behavior to Detect Complete A
Page 51 and 52: Ivanti Priorities this month:
Page 53 and 54: Phishing Awareness - The More They
Page 55 and 56: ecognized leader for security aware
Page 57 and 58: On Security and Privacy, States Are
Page 59 and 60: This federal push will not be a sil
Page 61 and 62: miniature bridges - an email can cr
Page 63 and 64: Network Traffic Analysis (NTA) By T
Page 65 and 66: Traffic Analysis Engine These are t
Page 67 and 68: The Internet of Things Signal Trans
Page 69 and 70: oth - convenience and security of t
Page 71 and 72: 4. Cloud and Speed: Companies that
Page 73 and 74: Two Steps on - One Step Back By Mil
Page 75 and 76: Always Take Care about Your Trainin
Page 77 and 78: CTI in some way, which is an increa
Page 79 and 80:
would show that it’s so hard to a
Page 81 and 82:
It’s All About The Logs Looking i
Page 83 and 84:
A well designed and properly implem
Page 85 and 86:
Salaries have significantly grown i
Page 87 and 88:
Let’s take a look into a kid’s
Page 89 and 90:
What happened then? This destroys a
Page 91 and 92:
Opt Parental Controls for all your
Page 93 and 94:
“Standards-based cybersecurity ri
Page 95 and 96:
the de facto security standard simi
Page 97 and 98:
About the Authors Dan Jetton is the
Page 99 and 100:
According to KPMG’s Global Sector
Page 101 and 102:
Data Sniffing is Threatening Your P
Page 103 and 104:
About the Author William J. Tomlins
Page 105 and 106:
if the line meets the acceptable le
Page 107 and 108:
Is Your Encryption Flexible Enough?
Page 109 and 110:
to other chat apps is geometric, an
Page 111 and 112:
The Critical Role TAPs Play in Netw
Page 113 and 114:
About the Author Alastair Hartrup i
Page 115 and 116:
Thanks to these attacks, the demand
Page 117 and 118:
Why CIOs/CISO’s Positions Are Bec
Page 119 and 120:
slowly to how they would normally.
Page 121 and 122:
Over time, as operators compile mul
Page 123 and 124:
QIDs from associated metadata, the
Page 125 and 126:
125
Page 127 and 128:
127
Page 129 and 130:
129
Page 131 and 132:
131
Page 133 and 134:
133
Page 135 and 136:
135
Page 137 and 138:
137
Page 139 and 140:
139
Page 141 and 142:
141
Page 143 and 144:
143
Page 145 and 146:
145
Page 147 and 148:
147
Page 149 and 150:
149
Page 151 and 152:
You asked, and it’s finally here
Page 153 and 154:
Marketing and Partnership Opportuni
Page 155 and 156:
Regent University’s Institute for
Page 157 and 158:
157
Page 159 and 160:
159
show all

Cyber Defense eMagazine May 2019

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?