Just as the number of connected consumer things is increasing, so too are industrial things such as pumps, valves and remote terminal units. These devices are being integrated into standard technology platforms, and are being connected to the Internet in pursuit of operational efficiencies such as predictive maintenance and smart metering. This means that operational technology will be vulnerable to threats faced by all other networked technologies, which increases the surface area of risk available to threats from bad actors. But there are various ways to scale cybersecurity efforts in an age dominated by the IoT.
Many security technology overlaps exits between the IoT and IT, however, IoT security involves monitoring physical devices, connections, authentications and data transfers at a greater volume than is common in IT today. Considering the scale of IoT, trying to secure its data and devices is essentially a challenge beyond human capabilities, both physical and economic. This is where machine learning and AI step in, as they are able to scale beyond the physical and fiscal boundaries.
For the most part, cognitive computers work best when they have large amounts of data to train on. IoT provides an extremely large population from which to draw measurements. In a system designed and trained to look for the smallest inconsistencies among millions of transactions, a hacker’s behavior and actions could stand out. By training intelligent systems on data and IoT scale, future deviations from normal are easier to see. This also adds new tools to your IoT cyber arsenal – algorithms and data science. If you take a closer look at the cybersecurity market, all the major players have added machine learning and data science to their offerings.
Using cognitive computing can add another layer of defense, by feeding its outputs into security information and event management (SIEM). Key to IT security for many years now, SIEM can span entire environments and provide tools for detecting and remediating security incidents. It will remain key to IT, IoT, and operational technology security going forward because as the number of connected things increases, so too will the need to quickly and intelligently sift through all of the information they produce.
Running SIEM on high-performance computers, employees sheer computational power via usage of high-density CPUs, GPUs and memory to detect the unusual and unwanted activity among an increasing amount of noise. As anomalies are detected, this data can be pushed as security updates to gateways and endpoints, worldwide and in near-real time. In reverse, connected things can push their data to the cloud/data center to be analyzed by intelligent back-end servers enabling you to build a composite view of your entire surface area.
The risks are real when it comes to securing IoT. Breaking it down and applying IT principles and tools where they make sense can make IoT security more manageable and scalable.