Blog

Forewarned is forearmed: why and how to rehearse IoT security

Simon Trend, managing director of group services, makes the case for practising incidents to optimise IoT security

Companies deploying IoT solutions must prioritise security so they can defend, detect and react in the face of cyber threats. However, designing solutions with security in mind is just one part of the total picture. To be confident of how effective their approach is, companies should also rehearse to reveal any gaps and identify the actions they should take to further mitigate risk.

Why businesses must act on IoT security

IoT solutions face considerable security threats. Cybercriminals will seek out any vulnerabilities they can find to exploit and profit from, and cause disruption. As the IoT device estate grows, so too does the opportunity to breach enterprises’ defences and cause security incidents. Unfortunately, such events do happen. According to a report by SonicWall there were 57 million IoT malware attacks in the first half of 2022, an increase of 77%.

Malware, ransomware and all other types of cyberattacks can cause significant damage on a number of levels. Businesses incur the cost of identifying and stopping the attack first of all, then they must pay to put the issue right, after that they can count the cost of down time and recovery.

On top of all this, companies may incur fines if the security incident involved a compliance failing. They may also have to recall devices, which can cost millions. However, the biggest cost of all is often the inestimable brand and reputational impact.

To get a viewpoint on the kind of figures that can be involved, we can look at reports such as IBM’s Cost of a Data Breach 2022 which put the average cost of a ransomware attack at $4.5 million.

Despite the clear threat, Kaspersky reports that 43% of businesses don’t fully protect their IoT solutions. Over a third (35%) refer to a lack of staff or specific IoT security expertise while 40% cite difficulty in finding a suitable solution.

It is not surprising, therefore, that an enterprise survey conducted by Transforma Insights in 2022 found that security was the second most influencing factor, behind only IoT reputation/brand, when enterprises choose a vendor.

How can businesses secure IoT solutions?

Businesses must take a ‘root-and-branch’ approach to IoT security. The threat can come from anywhere and target any one of the multiple parts of an IoT deployment. It might go after the device, the application or the data transfer; it might even find a way in through the behaviour of employees or processes that leave vulnerabilities.

To mitigate the risk, companies should defend, detect and react. Wireless Logic summarises the measures that businesses should take across technology capabilities, standards and best practices in the Security Framework, illustrated here:

 

The framework defines a series of actions to defend solutions. These include preventing unauthorised device, cloud infrastructure or data access, keeping device software up to date and complying with market and industry regulations.

Astonishingly, it takes on average 212 days to detect a data breach, according to an IBM Security/ Ponemon Institute report. To detect any unwanted activity, companies should monitor device behaviour and analyse network traffic to spot anything that is unusual.

Finally, to react in the event of a breach, companies must act swiftly and accurately to quarantine and clean affected devices, report breaches and apply corrective actions. Automated countermeasures may include forcing a software update or taking a device out of service altogether.

How to rehearse IoT security: forewarned is forearmed

Defending, detecting and reacting are all critical to minimise the risk of weak links in the chain of IoT security but so too is rehearsing. Companies must arrive at the optimal way to handle a situation by practising.

Rehearsing security at the design phase, before products are introduced to the market, can result in issues being resolved before they can cause problems, as well as designing for the right behaviours.

That said, companies must still prepare for potential attacks. One of the most important things to rehearse is recognising an issue and instigating an appropriate response. This is because speed of response is central to the outcome of a security incident and scenario rehearsals can have a huge impact on it. Forewarned is, after all, forearmed.

‘Digital twins’ can be used to model security threats by acting as virtual representations of devices or processes. By running simulations, companies can rehearse scenarios such as firmware updates over-the-air. These can reveal how applications will react to updates, identifying, for example, false flags so these can be addressed for smooth ‘real world’ application.

Be prepared by stimulating an attack

Tools that simulate security attacks help businesses to rehearse how they will respond and act, in the event of an actual incident.

Specialist companies also offer workshops during which they will present a ‘what if?’ mocked-up situation. These are specific to the organisation and IoT solution, with scenarios that map to the applications and systems the business uses. They will facilitate a detailed walk through of the steps the company should take to deal with such a situation. All of which provides valuable insight.

It is important that businesses have a ransomware strategy and rehearse how they would react to a ransomware event. There are questions to consider here, including whether or not to pay in the event of a ransom demand, and whether to take out ransomware insurance. If going down the insurance route, businesses should be clear on if it will cover only the cost of the ransom. There are additional potential costs that could be incurred, such as those involved in resolving an issue and revenue, and possibly reputational damage.

A company in the midst of dealing with a ransomware attack should not be considering these important choices for the first time. They should think through what they would do in advance, and prepare for and practise potential attacks.

Businesses must act on IoT security to mitigate the risk of cybersecurity incidents which can be far-reaching and damaging. IoT solutions comprise many parts, all of which should be considered and protected, without forgetting the importance of people and processes. Rehearsing IoT security is essential to prepare the business in the best possible way and reveal any gaps that must be plugged.

To find out how Wireless Logic can help with your IoT security, get in touch.

Recent posts

Article 3rd December 2024

Colin Neale, Principal Business Development Manager, advises healthcare on connecting digital applications

Read more
News 27th November 2024

u-blox' SARA-R10001DE will offer flexible and reliable connectivity management throughWireless Logic's leading global IoT network

Read more
Article 4th November 2024

Toby Gasston, product manager, explains why eSIM is set to take off, what that means for simpler global IoT deployments and how to get started. 

Read more
Wireless Logic

[contact-form-7 id="fd7df5e" title="WP - Gated Content - New one for Jen"]

[contact-form-7 id="20126" title="Generic Sales Contact V2"]

[contact-form-7 id="19345" title="Trial Request"]