Home

How will security practices for internet of things (IoT) devices evolve?

When we start to get native, protocol-level attacks on industrial internet of things (IIoT) and IoT devices, it will be interesting to see how the players in this space will react. They're going to realize that their products cannot stop those attacks. Even if you have a traditional next generation firewall (NGFW), for instance, someone could create a denial-of-service attack using native, valid, DNP3 functions. I wrote a lot of the offensive code when we were designing security for the products at Bayshore Networks, so I know that can happen. Those NGFWs would see this DNP3 traffic and just let it through. While there are architectural dynamics involved, and it's not a black and white situation, native protection of these environments is going to be critical.

42 views
7 comments
1 upvotes
Related Tags
Anonymous Author
When we start to get native, protocol-level attacks on industrial internet of things (IIoT) and IoT devices, it will be interesting to see how the players in this space will react. They're going to realize that their products cannot stop those attacks. Even if you have a traditional next generation firewall (NGFW), for instance, someone could create a denial-of-service attack using native, valid, DNP3 functions. I wrote a lot of the offensive code when we were designing security for the products at Bayshore Networks, so I know that can happen. Those NGFWs would see this DNP3 traffic and just let it through. While there are architectural dynamics involved, and it's not a black and white situation, native protection of these environments is going to be critical.
0 upvotes
Anonymous Author
IOT devices is a challenge to manage and protect. Some (if not most) of these are in critical infrastructure / applications and also remote unmanageable locations, very challenging to remediate vulnerabilities at a short notice. IOT vendors will definitely make advances to a certain extent, but its always going to be a challenge.
0 upvotes
Anonymous Author
Cyber security is a big challange for IoT applications . IOT device and device related data contain both personal data along with  connected devices data too. So proper planning of security and education about securtiy across  the organization is very essential. It should be top driven and give immense priority in all process and program of organization.  So maintaining data lifecycle, variable encryption process, protocol level policy, device recycling policy after data erase etc must be in place.  
0 upvotes
Anonymous Author
I think the security tools currently in use for commercial entities like CarbonBlack, Darktrace and managed EDR will move into the consumer space to protect household networks.  Perhaps similar to how alarm companies migrated from the commercial to consumer space 25 years ago. Home networks are not going to become simpler or less critical and cyber criminals are not going to become less creative or persistent; so, the natural response will be more robust protection for consumer grade networks and endpoints.
0 upvotes
Anonymous Author
Too many firms don’t focus on the core security issues to secure their IoT infrastructure. It’s not about evolving threats. It is dealing with current threats. With that, security is almost always behind the curve as attackers have the advantage of, and the security teams have to defend against it.
0 upvotes
Anonymous Author
I think we're going to see segmenting occur to separate IoT devices and I think we're going to see an evolution of monitoring tools.  The IoT devices for the most part are simple, but that doesn't mean they won't either be attacked or used for attack.  I think the next evolution will be to treat them as an endpoint that needs to be secured.
0 upvotes
Anonymous Author
The security of IoT is one of the most dangerous principal which everyone working in this field has to be very carful, otherwise all the benefits which we will get from IoT will be converted to destroy ourselves  
0 upvotes