We have already explained what the Internet of Things is in a previous article. As our devices become increasingly networked, whether at work or at home, the risk of cyber attacks also increases. Therefore, when it comes to IoT, it is also important not to forget the security-relevant aspects.
How is the issue of cyber security related to the Internet of Things (IoT)?
The particular challenge here is that IoT is increasingly blurring the real world with the digital, so attacks by hackers can also have a much more real impact on our lives and businesses. Already, households face an average of 104 cyber security threats a year, according to one study.
Protective measures begin with the installation of such smart objects: after all, the entire system is only as secure as the weakest secured device. To make matters worse, some of the devices have less processing and storage capacity than conventional laptops and smartphones. This makes it almost impossible to use antivirus programs, firewalls and various other security applications for protection.
Due to their network interfaces, IoT devices offer increased attack surfaces, so securing them is extremely important. After all, it is not always primarily about hacking the target device. Such an IoT device can also be used as a so-called “jumping point.” The smart coffee machine or lighting system can quickly become a gateway for attackers to gain access to parts or the entire IT infrastructure.
Cyber security in the context of the Internet of Things is a very different challenge than "traditional" cyber security.
What to consider when it comes to the security of network-enabled devices
- During the purchase process, you should be guided by the lifecycle of the software when selecting a manufacturer. For network-capable devices, long-term support and regular security patches are particularly important purchase criteria.
- Do not assume that the device manufacturers will deliver secure configurations directly with the device. Always subject the device to a security check and make adjustments if necessary.
- Make a reasonable plan for the entire network, taking into account which device should/must communicate with which other devices.
Responding correctly to an incident involving an IoT device
Let’s be clear: the networking of devices increases the likelihood of hacker attacks. Therefore, an IoT security strategy is an absolute must for all companies that use such devices internally. When an incident occurs with an IoT device, the Product Security Incident Response Team (PSIRT) usually takes care of it.
It is important to react quickly if an incident does occur. With STORM powered by OTRS, the notification of an incident is immediately forwarded to a limited group of designated employees within a company, which can be the PSIRT or SOC team. Using predefined processes, all responsible employees are informed in a fraction of a second and appropriate steps are taken to minimize the damage.
An incident – whether successfully “averted” or not – always reveals vulnerabilities in the system and, above all, in the IoT devices themselves. On the plus side, with every vulnerability disclosed, smart objects become increasingly secure against external attacks.
These IoT vulnerabilities and incidents must be managed and documented. This is why STORM was developed to securely handle security incidents and the resulting security-related tasks in the cyber security environment. Neither other employees in the company nor external persons have access to STORM data. Instead, the PSIRT takes care of further processing the security incident using the information contained in the ticket.
Whether working with a PSIRT or not, the best way to proceed in the event of an incident should be clearly defined in a company’s security policy. Incident reporting and tracking software that meets security standards is helpful in this regard. And, with STORM, you have software and experienced security experts at your side to help you set up your incident management process and vulnerability management.
Don’t get the increased risk from the IoT catch you off-guard. Examine your environment now: Establish your policies, procedures and processes before you are under attack.