
Why 2017 is the Year You'll Need to Focus on IoT Security


Page 1: Why 2017 is the Year You'll Need to Focus on IoT Security

© Information Security Media Group · www.ismgcorp.com

Assessing Your IoT Security Strategy & What Gaps You May Uncover

Presented by

Manish Rai, VP of Marketing

Ty Powers, Technical Product Manager

Page 2: Why 2017 is the Year You'll Need to Focus on IoT Security

About Information Security Media Group

• Focused on providing information security content, specifically for unique vertical industries

• Publish articles, interviews, blogs, regulation & guidance alerts, and whitepapers

• Educational webinars offered daily

Global network of 28 SITES

Subscribers from over 175 COUNTRIES

Page 3: Why 2017 is the Year You'll Need to Focus on IoT Security


Technical Support

(609) 356-1499 x115

Copyrighted Material

Used for individual study purposes only. If your institution is interested in using this, or any of Information Security Media Group’s presentations, as part of an overall information security program, please contact us at (800) 944-0401.

Page 4: Why 2017 is the Year You'll Need to Focus on IoT Security


About Sponsor

Great Bay Software provides organizations complete real-time visibility and control over all devices on the most complex of global networks. Great Bay Software's Warehouse of Context™ serves as the industry's richest repository of real-time information on all managed and unmanaged endpoints. Security and IT operations teams use Great Bay's easy-to-deploy, agentless solution to continuously discover, monitor and enforce access policies on every endpoint, which is critical given that two-thirds of an organization's devices, which include printers, fax machines and the Internet of Things, are typically unmanaged. Great Bay's unprecedented speed, scale and simplicity give organizations the power to more effectively protect against modern-day threats, simplify regulatory compliance and streamline operations. For more information about Great Bay Software visit www.greatbaysoftware.com.

Page 5: Why 2017 is the Year You'll Need to Focus on IoT Security


About the Speaker

Manish Rai, VP of Products and Marketing, Great Bay Software

Rai is a Silicon Valley veteran with more than 15 years of experience in creating and bringing to market industry-leading technology solutions spanning Security, Mobility, and SaaS. Rai was previously VP of Corporate Marketing at Meru Networks, a publicly listed company that was acquired by Fortinet. Prior to Meru, Rai helped drive rapid growth for mobility solutions at Aruba Networks, which was subsequently acquired by HP. Earlier in his career, he held various positions at Motorola, Symbol Technologies, eGain and Booz Allen and Hamilton. Rai has an MBA from The Wharton Business School and an MSEE from The University of Arizona.

Page 6: Why 2017 is the Year You'll Need to Focus on IoT Security


About the Speaker

Ty Powers, Technical Product Manager, Great Bay Software

Powers has been working in the information technology & security industry for 19+ years. Ty has specialized in all phases of network security, from planning and scaling architecture to the implementation and deployment of key network security solutions. With experience ranging from helping the largest Fortune 50 organizations to helping small to medium-sized businesses strengthen their network security, Ty has a unique understanding of the different security challenges organizations face.

Page 7: Why 2017 is the Year You'll Need to Focus on IoT Security


Agenda

• Discuss unique security challenges posed by IoT

• Great Bay Software’s IoT Security survey results to benchmark your progress against others

• Explore the key IoT strategies & how to test them out

• Look at immediate best practices to implement & plug relevant security gaps

Page 8: Why 2017 is the Year You'll Need to Focus on IoT Security


IoT Expected to Transform Enterprises

Installed Base by Spending Center, Category and Subcategory, 2020

Page 9: Why 2017 is the Year You'll Need to Focus on IoT Security


IoT Breaches are Not New, But are Becoming More Common

Page 10: Why 2017 is the Year You'll Need to Focus on IoT Security


IoT Breaches Can Have Serious Implications

Page 11: Why 2017 is the Year You'll Need to Focus on IoT Security


Researchers Have Been Highlighting IoMT Vulnerabilities

Page 12: Why 2017 is the Year You'll Need to Focus on IoT Security


Recent DDoS Attacks Made the Threat Real

9/20: Krebs on Security Attack
• Mirai Botnet used in the attack
• September 20 attack reached 623 Gbps
• Previous record was 363 Gbps
• Krebs was an Akamai pro bono customer
• Akamai ended up dropping Krebs' website

Page 13: Why 2017 is the Year You'll Need to Focus on IoT Security


Recent DDoS Attacks Made the Threat Real

10/21: DYN ATTACK
• Attack began ~7:10 am ET, targeting East Coast servers
  – Mitigated ~2 hours later
• Second wave began ~1:50 ET, global in nature
  – Recovered ~1 hour later
• Small probing attacks next few hours/days
  – Prevented without customer impact

http://hub.dyn.com/static/hub.dyn.com/dyn-blog/dyn-statement-on-10-21-2016-ddos-attack.html
http://www.cnbc.com/2016/10/21/major-websites-across-east-coast-knocked-out-in-apparent-ddos-attack.html

Image: A depiction of the outages caused by today’s attacks on Dyn, an Internet infrastructure company. Source: Downdetector.com.

Page 14: Why 2017 is the Year You'll Need to Focus on IoT Security


Reasons for IoT Vulnerabilities
• Focus on Business Problem, not Security
• Resource Constraints Lead to Trade-offs
• Limited or No Patching Capability
• No support for 3rd-party security agent
• Unencrypted communication
• Built-in Backdoors

Page 15: Why 2017 is the Year You'll Need to Focus on IoT Security


Great Bay Software Survey Results: Conducted before the IoT DDoS Attacks

Surveyed over 100 Enterprise Network Security Professionals

Goal: With the exponential growth of IoT devices (both consumer/enterprise) connected to the enterprise network in 2016/17, our aim was to understand:
– How will this affect enterprise endpoint security protocol and best practices?
– How are enterprises planning on accommodating IoT devices?
– How will enterprises secure IoT & unmanageable devices on their network compared to the managed device types?

Page 16: Why 2017 is the Year You'll Need to Focus on IoT Security


Great Bay Software Survey Results: Conducted before the IoT DDoS Attacks

“71% of IoT Enterprise Security Professionals Not Monitoring IoT Devices In Real Time”

“43% of those surveyed stated that they have no plans to accurately classify every IoT device on the network and 28% plan to address the issue within the next 6-12 months”

Page 17: Why 2017 is the Year You'll Need to Focus on IoT Security


Where to start: IoT Security Strategy
• Create cross-functional teams
  – IoT crosses traditional boundaries
  – Create cohesion across IT, InfoSec, and Business Units
• Implement policies and procedures around new device adoption
  – Endpoint certification/validation etc.
  – Know the risks and weigh them against the benefits of IoT
• Minimum Security Baselines (MSB)
  – Document and educate endpoint owners on proper configuration guidelines
• Create a testing and governance team(s)
  – Validate that the process and procedures are being followed and are working

Page 18: Why 2017 is the Year You'll Need to Focus on IoT Security


Where to start: IoT Security Strategy
• Be part of the solution, not the problem
  – Protect yourself while protecting others
  – Be good Internet citizens
• Know what’s on your network at all times
  – What’s on my network?
  – How long has it been there?
  – Has it moved?
  – Why is it on my network?
  – What is it doing?
  – Do I trust it?

Mirai-infected devices were spotted in 164 countries
Imperva, Inc. - https://www.incapsula.com/
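The inventory questions on this slide can be answered from data most networks already log. The Python sketch below is an added example, not part of the presentation or of any Great Bay product: it folds constructed sighting records into a per-device view of how long a device has been present, whether it has moved, and whether it is in an approved register. The record layout, MAC addresses, switch port names and register are all assumptions.

```python
from datetime import datetime

# Constructed sample sightings (as might be exported from switch or DHCP logs):
# (timestamp, MAC address, switch port). All values are made up.
SIGHTINGS = [
    ("2017-01-03T08:00", "00:11:22:aa:bb:01", "sw1/gi0/4"),
    ("2017-01-20T08:00", "00:11:22:aa:bb:01", "sw1/gi0/4"),
    ("2017-01-18T23:10", "00:11:22:aa:bb:02", "sw2/gi0/9"),
    ("2017-01-19T02:45", "00:11:22:aa:bb:02", "sw3/gi0/1"),
    ("2017-01-20T07:30", "00:11:22:aa:bb:03", "sw1/gi0/7"),
]

# Hypothetical approved-device register: MAC -> (owner, purpose).
APPROVED = {
    "00:11:22:aa:bb:01": ("facilities", "badge reader"),
    "00:11:22:aa:bb:02": ("clinical engineering", "infusion pump"),
}

def build_inventory(sightings, approved, now):
    """Answer: what is here, since when, has it moved, why, do I trust it?"""
    inv = {}
    for ts, mac, port in sorted(sightings):      # ISO timestamps sort by time
        seen_at = datetime.fromisoformat(ts)
        rec = inv.setdefault(mac, {"first_seen": seen_at, "ports": []})
        rec["last_seen"] = seen_at
        if not rec["ports"] or rec["ports"][-1] != port:
            rec["ports"].append(port)            # record each change of location
    for mac, rec in inv.items():
        rec["days_on_network"] = (now - rec["first_seen"]).days
        rec["moved"] = len(rec["ports"]) > 1
        rec["approved"] = mac in approved
        rec["purpose"] = approved.get(mac, (None, "unknown"))[1]
    return inv

def needs_review(inv):
    """Devices that moved or that nobody has vouched for."""
    return sorted(m for m, r in inv.items() if r["moved"] or not r["approved"])

if __name__ == "__main__":
    inventory = build_inventory(SIGHTINGS, APPROVED, datetime(2017, 1, 21))
    for mac in needs_review(inventory):
        print(mac, inventory[mac]["ports"], inventory[mac]["purpose"])
```

"What is it doing?" needs traffic data and is outside this sketch.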

Page 19: Why 2017 is the Year You'll Need to Focus on IoT Security


Best Practices for Safeguarding your Enterprise Against IoT Threats

• Policies, Procedures, and Action
  – Practice what you preach
    • Execute the IoT security strategy and plans as designed
• Leverage the Network Infrastructure
  – Control access to the network
    • Limit network access to approved devices (Authenticate, Authorize, and Audit)
  – Ensure proper network segmentation
    • Reduce the available attack surface and limit the contamination
  – Keep the perimeter intact
    • Avoid Internet-facing endpoints and services where possible

Page 20: Why 2017 is the Year You'll Need to Focus on IoT Security


Best Practices for Safeguarding your Enterprise Against IoT Threats

• Focus on the Endpoints
  – Deploy real-time endpoint detection and profiling
    • What’s connecting to the network?
    • Where is it located?
    • How is it behaving?
  – Disable remote access to IoT devices where possible
    • Remote access provides a conduit to vulnerable devices
  – Change default credentials immediately
    • Disable default admin accounts

Page 21: Why 2017 is the Year You'll Need to Focus on IoT Security


Best Practices for Safeguarding your Enterprise Against IoT Threats

• Focus on the Endpoints
  – Disable/Limit protocol usage
    • Disable insecure protocols such as Telnet and FTP where possible
    • Best practice for many regulatory guidelines
  – Ensure that communication ports that should be open are open
    • Are SSH, Telnet and HTTP ports still open?
    • Attacks such as Mirai disable remote access to limit remediation
  – Patch, patch, patch
    • Patch early and patch often
    • Not always possible
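The two port checks on this slide pull in opposite directions: Telnet and FTP should be closed, while management ports that were deliberately left open should still be open. The Python sketch below is an added example, not from the presentation: it compares constructed scan results against a per-device baseline and reports both conditions. The device names, baseline and observed ports are assumptions.

```python
# Protocols the slide names as ones to disable where possible.
INSECURE = {21: "FTP", 23: "Telnet"}

# Hypothetical baseline: management ports each device is expected to expose.
BASELINE = {
    "cam-lobby-01": {22, 443},
    "dvr-dock-02": {22, 80},
    "printer-3f": {443},
}

# Constructed results of the latest authorized internal scan (made-up data).
OBSERVED = {
    "cam-lobby-01": {22, 443},
    "dvr-dock-02": set(),          # every expected management port is closed
    "printer-3f": {21, 23, 443},   # FTP and Telnet still enabled
}

def audit(baseline, observed):
    """Return (device, finding, ports) tuples, sorted by device name."""
    findings = []
    for device in sorted(set(baseline) | set(observed)):
        if device not in baseline:
            findings.append((device, "no-baseline", sorted(observed[device])))
            continue
        if device not in observed:
            findings.append((device, "not-scanned", []))
            continue
        expected, seen = baseline[device], observed[device]
        insecure = sorted(p for p in seen if p in INSECURE)
        if insecure:
            findings.append((device, "insecure-open", insecure))
        # Expected ports that went dark: the behaviour the slide attributes
        # to Mirai, which disables remote access to limit remediation.
        closed = sorted(expected - seen)
        if closed:
            findings.append((device, "expected-closed", closed))
        extra = sorted(seen - expected - set(INSECURE))
        if extra:
            findings.append((device, "unexpected-open", extra))
    return findings

if __name__ == "__main__":
    for device, finding, ports in audit(BASELINE, OBSERVED):
        print(f"{device}: {finding} {ports}")
```

An "expected-closed" finding is a prompt to investigate, not proof of infection; a firmware update or an administrator's change can close a port too.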

Page 22: Why 2017 is the Year You'll Need to Focus on IoT Security


Takeaways

Page 23: Why 2017 is the Year You'll Need to Focus on IoT Security


Questions

Please use the following form for any questions or comments:

http://www.bankinfosecurity.com/webinar-feedback.php

Or contact us at: (800) 944-0401

Page 24: Why 2017 is the Year You'll Need to Focus on IoT Security


Thank You for Participating!

Please use the following form for any questions or comments:

http://www.bankinfosecurity.com/webinar-feedback.php

Or contact us at: (800) 944-0401