Story image

IoT security: prioritise, practice, and predict

11 Apr 2018

With an influx of new smart home devices having entered Australian shores in the first few months of 2018, many Australians are welcoming these new convenient helpers into their homes.

Not too far removed from our personal lives, Australian businesses are dipping their toes into the Internet of Things (IoT) to gain benefits such as efficiencies and operational insights, from production flow monitoring to inventory management.

On the security side, IoT poses a tangible risk, however. As we continue to entrench our personal and professional lives with more ‘connected things,’ we drive both new levels of innovation, and at the same time, open ourselves up to a security minefield.

Regrettably, Australian organisations are already struggling even without this added layer of risk. In a recent report, we found that Australian companies face some of the highest numbers of IT incidents per month globally, and feel they are just about managing or struggling to deal with the volume of events.

It is therefore not particularly surprising that security in operational technology (OT) still remains the laggard. These systems used to control valves, conveyors and other machines to regulate variables such as temperature or pressure are critical to many modern organisations. However, the convergence of IT and OT opens up new attack surfaces.

Hackers have quickly learned the value in targeting OT which can bring business operations to its knees with shutdowns, equipment damage, supply-chain disruption, revenue losses and safety risks.

Finding a way to collect, store and analyse IT and OT data in silos is reasonably simple. Practising an analytics-driven approach to security by gathering relevant data from disparate sources to convert it into actionable insights, however, is a whole different ballgame.

To tackle some of these issues arising from the influx of new data sources, we recently developed our own solution that helps organisations in industries such as manufacturing, energy and utilities monitor and analyse industrial IoT data in real time.

Data gathered from IoT devices can empower businesses to take action across the whole ecosystem in real-time. This device-generated data provides a whole new lens to not only the industrial engineers but also security analysts; a real-world view for a proactive stance to investigating and responding to a breach or infection.

With data, one thing is certain: maintaining a consolidated view of what’s taking place in your network at any given moment is now a necessity. Each ‘connected thing’ opens new doors into personal intelligence, corporate intelligence and even public safety. Through these doors, we open ourselves up – as individuals and organisations – to new weaknesses hackers could exploit.

It is imperative for Australian businesses and decision makers to take this risk seriously.

Article by ‎Splunk Australia and New Zealand area vice president Simon Eid

Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nozomi and RIoT to deliver advanced ICS security solutions to Australia
''As a specialised integrator of robust and resilient ICT and IoT solutions within Australia, we are delighted to be partnering with Nozomi Networks."
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
SIS announces a partnership with Platform 4
“We are looking forward to a strong future in the New Zealand security industry with this global giant as our strategic partner."
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
Developing APAC countries most vulnerable to malware - Microsoft
“As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.