December 4, 2022

By Dr. May Wang, CTO and Co-Founder, Chief Technology Officer (CTO) of IoT Security at Palo Alto Networks, and Board Member of Zingbox

The need to understand and minimize your risks lies at the foundation of cyber security. Individuals and organizations often think about risk in terms of what they are trying to protect. When talking about risk in the IT world, we mainly talk about data, with terms like data privacy, data leakage and data loss. But there is more to cyber security risk than just protecting data. So, what should our security risk management strategies consider? Protecting data and preventing known vulnerabilities are good strategies for cyber security, but they are not the only activities a CISO should consider and carry out. What is often missing is a comprehensive approach to risk management and a strategy that considers more than just data.

The modern IT enterprise certainly consumes and produces data, but it also has a myriad of devices, including IoT devices, that are often not under the direct supervision or control of central IT operations. While data loss is a risk, so are service interruptions, especially as IoT and OT devices play an important role in society as a whole. For example, for a health care operation, failure of a medical device can have life-or-death consequences.

Security Risk Management Challenges

Attacks are changing all the time, and device configurations can often be in flux. Just as IT is always in motion, it is important to emphasize that risk management is not static.

In fact, risk management is a very dynamic thing, so thinking of risk as a periodic exercise is missing the mark. Several dimensions of the IT and IoT landscape need to be considered while evaluating risk. There are different users, applications, deployment locations and usage patterns for which organizations need to manage risk, and those things can change frequently and regularly.

There are many challenges with security risk management, not the least of which is the size and complexity of IT and IoT assets. CISOs today can easily become overwhelmed with information and data coming in from the ever-increasing amount of equipment. Along with the volume there is a huge variety of different types of equipment, each with its own special attack surface. The awareness of all IT and IoT assets and the particular risk each one can represent is not an easy thing for a human to document accurately. The complexity of managing the variety of policies, tools, and access controls in a distributed enterprise, in an approach that minimizes risk, is no trivial task.

A better strategy for managing security risks

Security risk management is not a single task or a single tool. It is a strategy that includes several key components that can help CISOs bridge gaps and build a better foundation for positive outcomes.

Establishing visibility. To bridge the gap, organizations first need to know what they have. IT and IoT asset management is not just about knowing what managed devices exist, but also about knowing which unmanaged IoT devices exist and understanding what operating system and application versions are present at all times.

Ensuring continuous monitoring. Risk is not constant, and monitoring should not be either. Continuous monitoring of all changes, including who is accessing the network, where devices are connecting and what applications are doing, is critical to risk management.

Focusing on network segmentation. Reducing risk in the event of a potential security incident can often be achieved by reducing the “blast radius” of the threat. With network segmentation, where different services and devices only run on specific segments of a network, the attack surface can be reduced, and unmanaged IoT devices can be prevented from being used as a springboard for attacks on other areas of the network. Therefore, rather than a single exploit in one system affecting the entire organization, the effect may be limited to just the network segment that was attacked.

Prioritizing threat prevention. Threat prevention technologies such as endpoint and network security are also fundamental components of an effective security risk management strategy. Equally important for threat prevention are correct policy configuration and least-privilege access for endpoints, including IoT devices, and for network security technologies, to prevent potential attacks.

Executing the above strategic components at scale can be better achieved with machine learning and automation. With the increasing amount of data, network traffic, and devices, it is not possible for a single human being, or even a group of humans, to keep up with it. Using machine learning-based automation, it is possible to rapidly identify all IT, IoT, OT and BYOD devices to improve visibility, correlate activity in continuous monitoring, recommend the right policies for least-privilege access, suggest customized configurations for network segmentation, and add an extra layer of security with proactive threat prevention.

About Dr. May Wang:

Dr. May Wang is the CTO and co-founder, Chief Technology Officer (CTO) of IoT Security at Palo Alto Networks, and board member of Zingbox, which was acquired by Palo Alto Networks in 2019 for Internet of Things (IoT) security solutions.
