As artificial intelligence and IoT applications are becoming more prominent, businesses must consider how to best process and analyze such data. Think of the countless business efficiencies and consumer-centric conveniences that have been offered up by the connected home or smart city. However, this new era of connectivity has introduced disruption for many businesses. As data becomes an organization’s most valuable resource, it becomes a target for criminals around the world. As we become more connected, the threat of data breaches and cyberattacks negates the promise of a smarter and more sustainable working world.
Safeguarding the benefits that AI applications and IoT devices offer up must be a priority for today’s organizations. As such, we welcome the news that the U.K. Government recently outlined plans to fine essential services providers up to £17m if they fail to comply with the EU’s NIS Directive by May 10. The new directive applies to operators in electricity, water, energy, transport, health and digital infrastructure. It may sound harsh, but noncompliance by these organizations could lead to a cyberattack causing at best disruption, or at worst critical failure of these important services. This could result in major consequences for the health, safety and economic welfare of U.K. citizens.
The regulation is part of a growing trend of global governments taking cybersecurity more seriously. With IoT spending set to hit $840 million by 2020, and the number of data breaches and cyberattacks costing upwards of £11 billion annually, where should an organization start when it comes to investing in cybersecurity measures in order to avoid fines and keep the public safe and satisfied?
Start with prevention
Best practice is to minimize the attack surface by limiting access to endpoints, services and information. Ensure only authorized and approved devices are allowed access to cloud services, and that endpoints can only be accessed by bona fide services. There is no magic. In order to enforce access control, robust mutual authentication, based on standard cryptography, is required. Strong authentication also demands that IoT services can uniquely identify each endpoint before authorizing access to cloud resources. Endpoints should be able to cryptographically authenticate the service they send data to and receive instructions from. Confidentiality of the communication between the endpoint and the service should be ensured using data encryption. Without strong encryption, user privacy cannot be ensured. Last but not least, reducing the attack surface calls for disabling endpoints' remote communication protocols, such as secure shell, unless they are truly necessary.
Spot anomalies fast
One way to improve a company’s ability to react quickly to an attack is to monitor and detect infected devices in real time, enabling them to limit the number of devices that end up being compromised. Because most IoT endpoints have predictable functions, it is relatively easy to detect behavioral anomalies using AI and machine learning algorithms. False positives can be reduced through anomaly correlation, as more devices are infected by the same malware.
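The correlation step described above, as an added example that is not part of the original article: each device is compared against its own baseline, and a deviation is raised as an alert only when the same signature shows up on several devices within a short window. A simple statistical baseline stands in for the machine learning model, and the device names, ports, thresholds and telemetry are all constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev
# Constructed baseline telemetry: (device_id, dest_port, bytes_out) per interval.
BASELINE = [
    ("cam-01", 8883, 510), ("cam-01", 8883, 495), ("cam-01", 8883, 505),
    ("cam-02", 8883, 480), ("cam-02", 8883, 520), ("cam-02", 8883, 500),
    ("meter-07", 8883, 120), ("meter-07", 8883, 118), ("meter-07", 8883, 122),
    ("meter-09", 8883, 119), ("meter-09", 8883, 121), ("meter-09", 8883, 120),
]
# Constructed live telemetry: (device_id, minute, dest_port, bytes_out).
LIVE = [
    ("cam-01", 1, 8883, 502),
    ("cam-02", 2, 8883, 2100),    # one-off traffic burst on a single device
    ("meter-07", 3, 23, 64),      # port never seen in this device's baseline
    ("meter-09", 4, 23, 64),      # same deviation on a second device
    ("cam-01", 5, 23, 64),        # and on a third
]

def build_profiles(baseline):
    """Per-device profile: ports seen plus mean/stddev of bytes sent."""
    ports, sizes = defaultdict(set), defaultdict(list)
    for dev, port, nbytes in baseline:
        ports[dev].add(port)
        sizes[dev].append(nbytes)
    return {d: (ports[d], mean(sizes[d]), pstdev(sizes[d]) or 1.0) for d in ports}

def device_anomalies(profiles, live, z_limit=4.0):
    """Yield (signature, device, minute) for each deviation from a device's own profile."""
    for dev, minute, port, nbytes in live:
        known_ports, mu, sigma = profiles[dev]
        if port not in known_ports:
            yield ("new_port", port), dev, minute
        elif abs(nbytes - mu) / sigma > z_limit:
            yield ("volume_spike", port), dev, minute

def correlate(anomalies, min_devices=3, window=10):
    """Split signatures into fleet-wide alerts and single-device findings held for review."""
    seen = defaultdict(dict)                      # signature -> {device: first minute}
    for sig, dev, minute in anomalies:
        seen[sig].setdefault(dev, minute)
    alerts, held = {}, {}
    for sig, devs in seen.items():
        in_window = max(devs.values()) - min(devs.values()) <= window
        target = alerts if len(devs) >= min_devices and in_window else held
        target[sig] = sorted(devs)
    return alerts, held

alerts, held = correlate(device_anomalies(build_profiles(BASELINE), LIVE))
print("alert:", alerts, "| held for review:", held)
```

The lone volume spike on `cam-02` is held rather than alerted, while the new-port signature shared by three devices is escalated.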
Recover and keep defending
IoT data is collected from a myriad of sensor devices, often in the field, and although they might have been deployed recently, many will be considered legacy in just a few years and will be exposed to recently discovered vulnerabilities. If such a new vulnerability can affect a device, or worse, if a cyberattack should happen, the ability to move quickly to patch devices and limit damage will be vital. The fastest and most efficient way to deliver updates for in-field recoverability will be over-the-air services that push credential and security updates to devices automatically via the internet.
What else can be done?
The threat landscape is continuing to evolve. More and more devices are becoming connected and soon more than half of the world’s population will be online. Security needs to be built into the fabric of every service provider and OEM’s design process to ensure products come to market with consumer safety in mind. This approach can be seen in a recent recommendation from the U.S. Department of Homeland Security, which calls for devices to use hardware that incorporates security features to strengthen the protection and integrity of the product. More specifically, the DHS highlights the use of computer chips that integrate security at the transistor level, embedded in the processor, to provide encryption and anonymity. The DHS has recommended designing silicon with system and operational disruption in mind, allowing devices to fail safely and securely, in an attempt to prevent greater systemic disruption.
Securing processors themselves should start at the core. Embracing a hardware-first strategy and implementing the necessary functionality on the system-on-a-chip (SoC) level is a key element of fully securing devices and platforms across multiple verticals. As the recent Meltdown and Spectre vulnerabilities illustrate, the importance of adopting a hardware-based approach at the most basic core level cannot be overemphasized. Aside from ensuring fundamental chip security during manufacturing, embedding a separate security IP core into a SoC can help manufacturers design devices, platforms and systems that remain secure throughout their respective lifecycles — safeguarding the benefits from our AI and IoT future.
By following all of these steps, businesses can avoid hefty legislative fines and get back to innovation and growth, capitalizing on the promise of AI and IoT unhindered by cyberattack.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.