Andrea Danti - Fotolia
The COVID-19 virus has shifted how businesses operate, and several emergent trends have placed new demands on IoT cybersecurity risk mitigation.
Changes in work setups, customer demands, IT and operational technology (OT) processes, and product and service delivery models have forced organizations to restructure how they conduct and secure their assets, ecosystems and business models.
Cybersecurity teams can apply six strategic and tactical steps to broaden business resilience and reinforce best practices for IoT security.
1. Security must start with the human side
One of the most urgent changes is to develop an upstream security strategy that focuses on people. Historically, organizations have relegated cybersecurity measures to the IT team and decided these measures based on enterprise risk and technology and, often, entirely overlooked the human element.
The pandemic has reshaped workforce culture and reliance on digital technology and placed untold strain on people's mental health and family care structures. It's not a coincidence that cyberthreats have increased approximately 600% during the pandemic, because an uncertain climate is a fertile ground for lures, threats and attacks where people are the first line of defense.
IoT security leaders must double down on employee education and security hygiene practices. Because people are the common entry point to penetrate systemic defenses, security experts must focus on employees, executives, contractors and partners. Leaders must communicate clearly about general best practices, existing enterprise programs and protocols, VPN policies, explanations for security mandates, how to verify trusted information sources from the enterprise and how to identify and report suspicious interactions.
2. Take broader and deeper asset inventory
A detailed and up-to-date IoT asset inventory is crucial to enterprise security strategy and for specific risk mitigation tactics because, as the old adage says, "You can't manage what you can't measure."
With the rise in attacks and endpoints that expand far beyond each organization's walls, it is now essential that security professionals take deeper and wider asset inventories, including specifications across hardware and software, updates, patches and scans for unauthorized shadow devices.
Asset inventory also marks an upstream cost-savings exercise given the potentially costly effects of downstream cyberattacks on already resource-strapped organizations weathering a recession. Such inventories are crucial inputs for asset lifecycle management, a dynamic of growing importance in IoT contexts with multiple tenants, ecosystems and interactions.
3. Scan for unauthorized IoT devices
The shift to remote work and mobile-enabled IT/OT management has expanded BYOD security implications into households where multiple users may share shadow devices for non-work purposes. Unbeknownst to many workers, IoT devices found in the home, including smart TVs, set-top or cable boxes, IP cameras and smartwatches, can imperil enterprise security because these devices increase the attack surface through inadvertent access exposure to enterprise networks.
4. Extend traffic pattern analysis across the widening security topology
As organizations' devices, data and cloud networks expand to meet changing work patterns and production models, admins must adjust network traffic analysis.
Network traffic analysis among devices is important, not only to monitor data flows and interactions, but to develop context for what is normal and serve as critical inputs for AI and software-based threat detection, anomaly identification and automated response.
5. Increase security risk assessment and management when transitioning to the cloud
During the COVID-19 pandemic, organizations have faced accelerated cloud adoption because of their need for flexibility, scale, on-demand elasticity, remote patching and easy integration via APIs. But cloud-based infrastructure introduces various risks to data exposure, breaches, end-user vulnerabilities and compliance.
Specific healthcare and financial service regulations govern the use of sensitive data, which is at higher vulnerability while in transit or in the cloud. Some cloud providers and applications provide security features to mitigate risks, but increased business urgency of cloud adoption translates to increased scrutiny from IT and IoT security professionals to conduct due diligence and risk assess across all assets.
This includes balancing the adjacent benefits and risks of AI-based security tools, which are often cloud-based, yet offer several use cases to improve incident detection, response times and proactively automate containment measures.
6. Apply the lessons of epidemiology to cybersecurity
Biological virus spread and cybersecurity threats share several parallels that IT security experts can learn from. Security tactics mirror what epidemiologist-turned-CTO Mike Lloyd coins as the four cybersecurity lessons to be learned from nature. IoT security professionals must understand why interconnected networks require greater endpoint protection and segmentation, where attacks originate and how they will move through the network, why time is of the essence, and how cybersecurity hygiene serves as the first line of defense against attacks.
There is one additional lesson security leaders and businesses can learn from this global pandemic: stronger immunity and real cures take a village. Just as no country can defeat COVID-19 on its own, the cybersecurity mitigation and investments of any one organization compound when there is multilateral and international coordination across data security, fraud protection, governance frameworks, standards compliance and enforcement. Both crises require a systemic strategy.