The paramount role of security

The article by Mr. Scott Register – Vice President of Security Solutions at Keysight Technologies further analyzes the approach to ensuring security against this wave.

The strong development of the multi-connected world

Today, we enjoy the convenience afforded by universal connectivity. Cars can adjust their own journey depending on traffic jams, we can sit in place to adjust lights or air conditioners, or can update blood sugar readings every minute and accurately monitor the flow of energy through. smart grid and optimize production with smart factory layout.

Thanks to technologies such as Bluetooth Low Energy, WiFi, and 5G, the deployment of the Internet of Things (IoT – Internet of Things) continues to accelerate. However, according to a recent Forrester report, 69% of survey respondents estimate that at least half of the devices on their enterprise or IoT networks are unmanaged and unmanaged. 26% estimate that on their network, there are three times more unmanaged devices than managed devices.

Yes, every new technology has limitations when it comes to application. One of the biggest limitations is the ability to build and deploy connected smart devices that has far outstripped our understanding and applicability of how to secure these devices.

We have seen large botnets take control of IoT device farms and shut down large parts of the Internet, the number of medical institutions hit by ransomware has skyrocketed affecting the Connected medical devices and privacy violations affect everything from baby monitors to smartwatches.

Useful lessons about security

IoT devices are truly special devices. We’ve established security best practices for traditional IT devices, such as Linux servers and Windows laptops. These methods are not perfect, but in practice, regularly updating the operating system and any endpoint security software will eliminate most of the security weaknesses in the system. An analysis conducted in early 2022 showed that security vulnerabilities that existed between 2017 and 2018 continue to be the most exploited ones; and a simple and free operating system update will help limit these vulnerabilities.

However, ordinary IoT devices are black boxes – we don’t know what operating system or library versions these devices use, and even with the information, we can’t do it. mandatory update, but must wait for the patch from the manufacturer.

There is no real standard or consistency for tracking security flaws across connected devices. The only way we can determine where the problem lies is to test ourselves. Then, with a better understanding of the impact IoT devices have on the attack surface, we can deploy targeted mitigation strategies to address discovered vulnerabilities.

Obviously, this is useful information and a good strategy to implement. But how do we know that defensive tools are being used to secure our traditional and non-traditional IT devices, including network, cloud and network security tools? , email and endpoints, working? How do we know if a new threat is emerging that can bypass the firewall, is secretly running on an endpoint, or has bypassed our email gateway to attack an What other caught scam victims?

Let’s continue to apply the same principles as above: we need to regularly check our defenses to make sure they are optimized and fine-tuned to detect the latest attacks. that threat actors are deploying against us. Thanks to that, we can switch to the offensive position and think like an attacker. We can test and probe our own networks and devices, detect security weaknesses and attack routes ourselves, instead of waiting for the bad guys to do those jobs.

We can stay ahead of hackers by uncovering and closing gaps in surveillance detection and visibility before hackers use them against us.

Bich Dao