Haider Pasha, Chief Security Officer at Palo Alto Networks, Middle East and Africa (MEA), speaks with Security MEA and explains the importance of having a cybersecurity strategy in place to tackle the growing risks associated with IoT.
How do you foresee cybersecurity evolving in the era of IoT?
IoT has been a revolutionary change and there is no doubt about the positive impact and major advancement of all the sectors. However, with the modern IoT environment, the severity and frequency of attacks continue to evolve. Threats and large-scale attacks can now come from anywhere, even from within the operator’s own network.
Unit 42, the threat intelligence team at Palo Alto Networks, has identified that 98% of all IoT traffic is unencrypted, exposing confidential data on the network. This gives attackers the ability to collect personal and other confidential information.
Enterprises and consumers must consider several aspects to successfully secure their IoT devices. To start off with, enterprises must have full visibility of their network with the number and type of IoT devices connected along with active monitoring. Enterprises must also harden their defenses and ensure their systems are not vulnerable and are difficult to breach. According to our research by Unit 42, around 41% of attacks exploit device vulnerabilities in an attempt to exploit known weaknesses.
For enterprises, limiting audit access, using multi-factor authentication, and educating your workforce can go a long way. On the other hand, consumers must be careful about visiting websites and unknown links, and secure strong and unique passwords for accounts. With the social media age, it is also imperative to be careful about what you share online as small personal details such as birthday or hometown can give access to your important accounts and cause breaches.
5G is going to be a game changer and is going to expose networks to a new level of threats and risks. What kind of association is required between 5G players and cybersecurity vendors to provide maximum protection to the users?
5G is an absolute game-changer. Recently, we have witnessed 5G applications being driven by both consumers and enterprises. In addition, they are proving quite essential for governments to implement smart city rollouts for better customer experience, including for major upcoming events such as Expo 2020 Dubai and the 2020 Summer Olympics, both scheduled for 2021 now.
As best practices to protect your users, 5G players and cybersecurity vendors must focus on three areas to swiftly respond to threats in real time: securing the 5G-ready telco cloud, next-gen managed security services, and securing private LTE/5G networks.
IoT is much more than just an abbreviation and it will bring billions of new devices under its fold. Are cybersecurity vendors or technology ready for such an increased level of IoT usage?
Yes, definitely. There is no doubt that with IoT we also have many risks and need to ensure that several security practices and systems are in place.
Cybersecurity needs to be a top priority with enhanced readiness, resilience, and responsiveness – otherwise the benefits and capabilities of a digital environment can come crashing down.
We must have a proactive approach by regularly updating our firmware when available as most IoT devices compared to IT systems are not designed to do so. Enterprises should also implement a real-time monitoring solution to continuously analyze the behavior of all network-connected IoT endpoints by integrating with your existing security posture and next-generation firewall investment. At Palo Alto Networks, we launched the world’s first ML-powered Next Generation Firewall to intelligently stop threats and secure IoT devices.
In general, many of the threats and attacks are also relevant today in 4G and we should be prepared for the bigger impact of cyber threats and attacks, especially for relevant industries connected to 5G.
On the other hand, IIoT is another grey area, which is facing big amounts of vulnerability and risk. How is the industry ensuring minimal breach and maximum security to these critical assets of the economy?
When it comes to security around industrial organisations, it can be a big risk and concern as connected devices such as IIoT devices and infrastructure make them high-value cyber targets. As more IIoT devices are connected to a large shared network across multiple locations, it can sometimes be hard to identify risks. It is vital to assess all devices to identify a potential breach quickly.
As a cybersecurity practice, you must employ device discovery for complete visibility of IoT devices, along with real-time monitoring, reporting, and alerting of systems and endpoints – including authentication methods to strengthen security and prevent unauthorised access. As best practice, we recommend always securing the network and protecting communications channels with strong firewalls, encryption, and intrusion detection.
IIoT or industrial security also faces a huge challenge of legacy technology, which leaves plenty of gaps for cyber criminals or hackers to exploit. How does Palo Alto take care of that?
While there are many who still rely on legacy approaches which are highly manual, Palo Alto Networks encourages the MineMeld Security system, which is the threat intelligence syndication engine.
Legacy approaches for aggregation and enforcement create elaborate workflows, delaying the process to identify and validate which IoCs should be blocked. With MineMeld, we can gather threat intelligence across public, private and commercial intelligence sources.
Where does Palo Alto stand both in terms of offering technology and products that provide the highest level of protection for IoT and IIoT to the end-users?
With the advancement of technology and digitisation, there are many instances where enterprises are being left vulnerable to security threats, leading to serious circumstances if exploited. Almost 30% of all network-connected endpoints are IoT devices at the average enterprise, excluding mobile devices.
IoT is rapidly growing and to reduce exposure to IoT threats, you must analyze your risks and discover all your IoT devices connected on the network. It is best recommended to identify easily patchable devices – for example, printers account for 18% of IoT devices and 24% of security issues as they have less built-in security and are often ideal targets as entry points for launching cyberattacks.
Network segmenting across all IoT devices through VLANs is also essential; however, it is not sufficient. We recommend a microsegmentation approach considering many factors such as device type, function, mission criticality, and threat level – this provides an isolation approach helping in reducing a cross-infection impact.
At Palo Alto Networks, we aim to enable security teams to rapidly identify and protect all devices with a machine-learning-based, signature-less approach. We have enhanced our Zingbox technology to create the industry’s first turnkey IoT Security delivering visibility, prevention, risk assessment, and enforcement in combination with our ML-Powered Next-Generation Firewall.
What message would you like to give to concerned CIOs, CISOs, or IT Heads, who are ready to break their heads in formulating a soundproof strategy to protect their assets?
The advancement of technology and IoT brings a lot of anticipation and excitement globally in terms of revolutionising ecosystems, but at the same time it is important to lay a strong foundation for security.
The motive for hackers has completely changed with IoT; it is not just stealing critical information but also disrupting business operations and organisations. With IoT, hackers have the capacity to do so.
CIOs, CISOs, or even IT Heads can immediately act to reduce the organisations’ exposure to IoT-initiated attacks by knowing their risks, visibility of IoT devices on the network, managing easily patchable devices, network segmenting, and actively monitoring all IoT devices.
For the long-term, it is important to have an effective IoT strategy in place to know and manage any risks proactively. It is best to think holistically by orchestrating the entire IoT lifecycle and expanding security to all IoT devices through product integrations.