Early in my career, a mentor of mine said, “you either participate in this [connected] world, or you don’t. There is no middle area.” We were discussing social applications and the volume of data that is shared both professionally (what tools your team uses) and personally (where you live, what you consume, your preferences, etc.). When I think back to that conversation, which I remember vividly as a turning point in how I view data, I am reminded that the same principle applies to the devices that carry sensitive data. That inevitably brings us to this week, where we focus on National Cybersecurity Awareness Month’s (NCSAM) theme, “If You Connect It, Protect It”.
This week’s theme description:
If you connect it, protect it. The line between our online and offline lives is indistinguishable. This network of connections creates both opportunities and challenges for individuals and organizations across the globe. The first week of Cybersecurity Awareness Month will highlight the ways in which internet-connected devices have impacted our lives and will empower all users to own their role in security by taking steps to reduce their risks.
You Either Have [Connected] Devices, Or You Don’t
Not all devices are created with the same intent, but every device is created to solve a want or need. What most devices are not created with is security in mind. Connected devices often come with default passwords that go unchanged, run outdated operating systems, and send data via insecure protocols. Whether it is a personal device (e.g., cell phone, smart watch) or a device in your office (e.g., MRI machines, HVAC controls, workstations), they all must be accounted for, their risks must be known, and high-risk and vulnerable devices must be secured properly.
Steps to securing your IoT devices:
- Have an accurate inventory of all connected devices – you can’t protect what you don’t know about, so security starts with granular visibility of all your devices. This is a challenge for organizations because these devices are sometimes offline, they connect via wired and wireless networks, and they are sometimes procured and managed by users outside the purview of security. An accurate asset inventory includes not only details such as make, model, serial number and location, but also associated vulnerabilities and recalls.
- Understand how those devices are behaving – to secure IoT devices, you need to understand what “good behavior” looks like. This allows you to baseline what normal patterns of communications look like in your specific environment, so you can identify anomalous and malicious patterns such as C2 communications or abnormal RDP/SMB lateral movement.
- Automate the appropriate response for securing devices on your network – with a complete inventory and an understanding of how the devices are behaving on your network, you can automate actions to enforce proactive segmentation policies or trigger the appropriate workflows (CMMS, CMDB, IR, etc.).
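The three steps above can be sketched as one small pipeline. This is an added example, not Ordr's code: the inventory, flow records, internal address range and action names are all constructed for illustration.

```python
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")        # assumed internal address space
LATERAL_PORTS = {3389: "RDP", 445: "SMB"}  # protocols named in step 2

# Step 1: constructed inventory keyed by IP address.
INVENTORY = {
    "10.1.20.5": {"type": "MRI machine", "location": "Radiology"},
    "10.1.30.9": {"type": "HVAC controller", "location": "Plant room"},
}

# Constructed flow records: (phase, src, dst, dst_port).
FLOWS = [
    ("learn",   "10.1.20.5",  "10.1.1.10",   104),    # MRI to imaging server
    ("learn",   "10.1.30.9",  "10.1.1.20",   47808),  # HVAC to building mgmt
    ("monitor", "10.1.20.5",  "10.1.1.10",   104),    # matches baseline
    ("monitor", "10.1.20.5",  "10.1.30.9",   445),    # new internal SMB
    ("monitor", "10.1.30.9",  "203.0.113.7", 443),    # new external peer
    ("monitor", "10.1.40.77", "10.1.1.10",   80),     # not in inventory
]

def build_baseline(flows):
    """Step 2: record each device's normal (dst, port) pairs."""
    baseline = {}
    for phase, src, dst, port in flows:
        if phase == "learn":
            baseline.setdefault(src, set()).add((dst, port))
    return baseline

def evaluate(flows, inventory, baseline):
    """Step 3: map deviations to a response (action names are hypothetical)."""
    findings = []
    for phase, src, dst, port in flows:
        if phase != "monitor":
            continue
        if src not in inventory:
            findings.append((src, "device not in inventory", "add-to-cmdb"))
        elif (dst, port) in baseline.get(src, set()):
            continue  # known-good behavior for this device
        elif ip_address(dst) in INTERNAL and port in LATERAL_PORTS:
            proto = LATERAL_PORTS[port]
            findings.append((src, f"new internal {proto} to {dst}", "segment+ir-ticket"))
        elif ip_address(dst) not in INTERNAL:
            findings.append((src, f"new external peer {dst}:{port}", "block+review"))
        else:
            findings.append((src, f"new internal flow {dst}:{port}", "review"))
    return findings

if __name__ == "__main__":
    for finding in evaluate(FLOWS, INVENTORY, build_baseline(FLOWS)):
        print(finding)
```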
This week’s theme, “If You Connect It, Protect It” fits well with the Ordr mission of protecting all connected devices and creating a safer network infrastructure. Recently, we began an IoT Discovery Program that allows you to:
- Gain high-fidelity visibility into devices that you may not know are in your network
- Understand risks including communication patterns and vulnerabilities
- Discover usage patterns for your devices
- Map these devices to your Layer 2 and Layer 3 architecture
- Identify appropriate segmentation policies to secure your devices
If you feel this program would be a good fit for your organization, register here: https://ordr.net/sensor/
Throughout Cybersecurity Awareness Month in October, we will be releasing a set of blogs focused on the weekly topics. Next Tuesday, catch our blog on “Securing Devices at Home and Work”.