What’s Still Left to Do Regarding Internet of Things (IoT) Cybersecurity?

While the U.S. Congress, the Biden White House, the FCC, NIST etc. are catching up on IoT infrastructure regulation—devices, data, the networks—conventional network perimeter defenses and legacy processes are simply not equipped to address the surge of new IoT security issues.

Today, IoT devices account for more than 30% of all network-connected enterprise endpoints. CISOs and security leaders need to consider a complete IoT lifecycle approach and move past legacy solutions. By creating an IoT security posture that reliably enables IoT and protects the network from existing and other unknown threats. This situation is made even more complex as we now see a further explosion of connected devices comprising IoT (from drones to consumer appliances), The Internet of Industrial Things (for example electrical turbines, smart lathes, entire fabrication plants) and indeed the meshing of the two device Internets in some sectocs like defense and robotics.

Three key cybersecurity trends to know for 2021-22

1. With regard to expanding cyber attacks (Remote Work, IoT, Supply Chain), one way to address the expanding attack surface is to use an automation tool chest that can now utilize horizon scanning technologies, analytics, audits, incident alert tools, diagnostics, and even self-repairing software. Artificial intelligence and machine learning technologies can also provide for more efficient decision making by prioritizing and acting on threats, especially across larger networks with many users and variables. This type of artificial software could keep potential cybersecurity threats at bay.

2. Ransomware as a Cyber Weapon of Choice:  Ransomware became an issue for companies migrating to online working methods, creating more targets for potential extortion. Preventing ransomware requires cybersecurity awareness and preparation based on anti-malware programs, secure passwords, updating patches and having secure routers, VPNs, and Wi-Fi. Most important of all, you cannot fall for the Phish and be sure to back up sensitive data.

3. Threats Against Critical Infrastructure; ICS, OT/IT Cyber-Threat Convergence:  Phishing scams, bots, ransomware, and malware and exploiting software holes. The global threat actors are many including terrorists, criminals, hackers, organized crime, malicious individuals, and, in some cases, adversarial nation states. The trends of integration of hardware and software combined with growing networked sensors are redefining the surface attack opportunities for hackers across all digital infrastructures. To help ameliorate threats, critical infrastructure operators should apply a comprehensive risk framework to address vulnerabilities to OT/IT convergence including “security by design”, defense in depth, and zero trust to counter cyber threats. It is especially important for the public and private sectors to coordinate and apply and enforce industry security protocols, especially related to Supervisory Control and Data Acquisition (SCADA). The Internet was not built for security at its inception; it was built for connectivity.

Industry and government protocols derived from lessons learned

Quantum security is important and with quantum computers would answer queries existing technologies cannot resolve, by applying quantum mechanics to compute various combinations of data simultaneously.

• The world will store 200 zettabytes of data by 2025. These include data stored on private and public IT infrastructures on utility infrastructures, on private and public cloud data centers, on personal computing devices.

• Factors that influenced the Malthusian expansion of the global cyber-attack include digital transformation, and the commercial model of more people doing business over the internet. We have progressed into the early stages of the “Fourth Industrial Revolution” which is highlighted by digital interaction and the meshing of machine and human: our ways of life are increasingly transitioning to online.

Indeed, we are seeing the results of “digital transformation” hastened by Covid-19 due to individuals having to work remotely from their homes instead of in offices. Home offices are not as protected as the fortified office sites that have more secure firewalls, routers, and access management run by Its security teams. Remote work has created new opportunities for hackers to exploit vulnerable employee devices and networks. Dorit Dor, vice president of products, Check Point Software elaborated on how the digital transformation. “Businesses globally surprised themselves with the speed of their digital initiatives in 2020: it’s estimated that digital transformation was advanced by up to seven years.”

We hope we have given you at least a primer on current trends. Consult & Contact us at https://www.soteryx.com/contact.

Christopher Chambers is Vice President and Soteryx General Counsel; Spencer J. Whittle is a Senior in English and Marketing Sociology at Elmira College.