IoT Security: Thing-centric Vulnerabilities Drive Internet-centric Security Opportunities

66.1%

of all industries implementing IoT solutions are looking to reduce security and compliance risk*.

*https://451research.com/report-short?entityId=89564

THING-CENTRIC: Elements required to get devices talking to each other—edge computing, connectivity modules, operating systems, wearable technologies, edge gateways.

Thing-centr ic IoT Device Vulnerabi l it ies :

> Exceed effect ive encrypt ion technology

> Designed without any k ind of secur ity

> Can’t support secur ity

> Hindered abi l i ty to remotely patch endpoints

> Open to exploitat ion leading to network hacks

> Eas i ly mimicked

Thing-centr ic Network Vulnerabi l it ies :

> May not have adequate encrypt ion

> Increased vulnerabi l i ty due to number of protocols

> Flat compared with typical IT networks

> Exposure to central ized management or data system.

INTERNET-CENTRIC: Infrastructure and services required to complete an IoT solution—bandwidth, connectivity, middleware and application platforms, big data and cloud, systems integration, managed services and consulting.

Thing-centric Impact on Internet-centric Security

> Thing-centric data could contain malware and needs to be:

• Inspected • Stored• Separated • Sanit ized• Sandboxed

> No easy way to secure, patch and monitor the assets, compounding r isks

> Surface area also increases from the physical to the virtual world:

• Vulnerable appl icat ions• Compromised machine ident it ies• Targeted pol ic ies and ent it lements • Increase in the secur ity footpr int

Driving Internet-centric Security Opportunities

> New IoT use cases

> Emerging standards and protocols

> Legacy devices and things