Top ways to strengthen protection for IoT devices in OT
Over the past few decades, we’ve seen cyberthreats evolve from tools to smart weapons, extending their reach as botnets that develop into advanced persistent threats and kill chains.
As IoT matures, the focus in cyberwarfare has turned to protecting devices. Traditional IT and operational technology (OT) are converging, and cybersecurity professionals must explore better ways to protect both domains.
An evolving threat landscape
The threat landscape has changed dramatically, and attacks are increasingly sophisticated. Bad actors may launch coordinated attacks that attack key infrastructure. Nation-state attackers launch ransomware attacks that use weaponized cryptography. Malware propagates from threat actors to sensors, controllers and actuators.
As attacks become more complex, industrial environments are increasingly vulnerable. Most brownfield and greenfield devices in these deployments lack cyber resilience by design, which leaves organizations unprepared.
What distinguishes threats in 2022 from earlier attacks? Fundamentally, the difference is that today’s hackers have a better understanding of how to sidestep detection and prevention controls. Traditional IT security was built with a focus on examining network traffic and utilizing rules-based firewalls, threat intelligence, and policy-based intrusion and anomaly detection.
It is challenging to adapt these IT security strategies for OT, as devices and humans have dramatically different vulnerabilities. Unlike the predictable behavior of devices, human psychology is tougher to proactively address.
Aligning security to industry trends
Device protection requires an approach based on a horizontal platform of transitive trust, together with a vertical pillar of integrated trust. For an effective strategy, organizations must align security to several industry trends.
1. Digital transformation
Digital transformation for IoT devices applies AI and machine learning (ML) to enhance operational efficiency and digital privacy, as well as enable data sharing. AI requires intelligence in both the network and devices to support continuity and runtime integrity of services in automation-powered industrial applications.