Following recent reports that data security is becoming a bigger challenge for IoT, NETSCOUT a service assurance and cybersecurity company, discussing the industry’s collective responsibility in addressing this growing problem – and how it’s starting to affect all aspects of modern society.
Steinthor Bjarnason, Network Security Research Engineer at Arbor Networks, Security Division of NETSCOUT:
“IoT devices have traditionally had limited security capabilities. This is partly because these devices were never designed to operate in unfriendly environments, but is also due to a lack of processing power within the devices themselves to implement proper security countermeasures. As more and more IoT devices come online, however, the risk of them being attacked or compromised is increasing dramatically and has the potential to cause issues with the services they provide. There’s also a growing threat that IoT devices themselves could be used as attack tools.
“In the past, IoT devices have operated on isolated networks with very limited outside connectivity. Now they are being connected to the outside world. This presents a wide range of potential issues that need to be addressed regarding trust boundaries, access, and ensuring proper operation. Businesses, both large and small, need to be aware of these issues and must take action to deal with the potential problems they could cause before IoT solutions are rolled out.
“To address this problem, IoT vendors need to not only think about their one-to-one relationship between device and server; they also need to consider the entire network, as well as the network of networks. To do this well, they need to build service assurance into the network from day one, making sure any critical communication from IoT devices can be identified in real-time and thereby allowing potential issues to be addressed before they become big problems.”
[su_box title=”About NETSCOUT” style=”noise” box_color=”#336588″]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.