Juniper Research predicts that there will be 83 billion IoT connections within the next three years, with the industrial sector accounting for over 70% of them.1
Internet of Things (IoT) technologies, like asset management sensors and environmental monitoring devices, deliver huge benefits to critical infrastructure and industrial organizations, including cost reduction and safety improvements. But they also create security gaps because many operators don’t have the tools needed to monitor and protect them.
Let’s take a look at what’s driving the rapid adoption of IoT, and the issues involved in securing hundreds of thousands of IoT assets on a network.
Unlimited Use Cases in Every Industry
Improvements in automation, communication and analytics enabled by IoT technology deliver value in virtually any OT environment.
For example, a recent report by Microsoft2 found that the top three IoT use cases in the manufacturing industry were:
- improving automation
- increasing quality and compliance
- improving production planning
By adding IoT sensors at various points in the production process, manufacturers gain more visibility into equipment performance by utilizing the increased volume and accuracy of data for predictive analytics. This allows them to proactively identify problems and take action to prevent maintenance-related disruption.
Energy is another asset-intensive sector making full use of IoT technology. Sensors are used to monitor energy production, transmission and distribution, which allows operators to optimize consumption, and spot and mitigate outages faster. Data analysis also helps them identify operational inefficiencies and improve customer service.
Every OT Network Is an IoT Network
As Nozomi Networks Co-founder and CPO likes to remind us, you can’t secure an OT network without also securing the IoT devices on it.
Today’s complex operating environments were created by the consolidation of two separate environments: OT (the systems that monitor and control physical processes), and IT (the systems that transmit, manage, and store data). Greater access between internet-facing IT networks and OT networks means that threat actors have a much bigger surface to target.
Let’s look at some of the challenges security teams are up against:
Challenge #1: Limited Visibility into IoT Assets and Behaviors
Most of the network monitoring and security controls used in OT environments weren’t designed to monitor IoT protocols or IoT device behavior, so they provide only limited visibility into the IoT assets on the network.
A similar issue occurs when using security controls designed for IoT networks to monitor OT environments. These tools frequently lack an understanding of OT protocols or device behavior, which prevents them from detecting anomalous or malicious behavior.
Challenge #2: IoT Devices Have Limited Security Capabilities
IoT devices typically come with their own set of security challenges, including the use of weak default passwords, vulnerable firmware, and very little insight into their software supply chain.
A 2020 survey conducted by Syniverse/Omdia3 found that the top three IoT security concerns were:
- Protection against malware/ransomware
- Protection against theft of data/financial loss
- Preventing accidental leakage of confidential data/intellectual property
Challenge #3: Monitoring and Analysis at Scale is Harder to Achieve
As IoT assets are deployed at scale, your security team may find it next to impossible to monitor the data from thousands of new devices, and analyze it for anomalous or malicious behavior. This problem will only increase with the adoption of 5G technology.
What Can You Do to Close Your IoT Security Gaps?
To close the gaps, you need to detect and monitor the behavior of all the OT, IoT and IT assets connected to your OT network. A cloud-based OT/IoT security strategy can help you do this.
The power of SaaS allows you scale quickly as new IoT devices come online. And it allows you to easily bring all your essential security technologies together, including vulnerability assessment, risk monitoring, and anomaly and threat detection.
If you’d like to find out how the Nozomi Networks Vantage platform can help close security gaps created by the use of IoT devices, read our brief “Closing IoT Security Gaps in Your Operations,” and register for the webinar below.
References
- IOT ~ THE INTERNET OF TRANSFORMATION 2020, Juniper Research, Markus Rothmuller, Sam Barker, April 2020.
- IoT Signals Report, Microsoft Azure, November 2020.
- Connected Everything: Taking the I out of IoT, Syniverse/Omdia, Alexandra Rehak, Pablo Tomasi, April 2020.
