Story image

IoT security: prioritise, practice, and predict

11 Apr 2018

With an influx of new smart home devices having entered Australian shores in the first few months of 2018, many Australians are welcoming these new convenient helpers into their homes.

Not too far removed from our personal lives, Australian businesses are dipping their toes into the Internet of Things (IoT) to gain benefits such as efficiencies and operational insights, from production flow monitoring to inventory management.

On the security side, IoT poses a tangible risk, however. As we continue to entrench our personal and professional lives with more ‘connected things,’ we drive both new levels of innovation, and at the same time, open ourselves up to a security minefield.

Regrettably, Australian organisations are already struggling even without this added layer of risk. In a recent report, we found that Australian companies face some of the highest numbers of IT incidents per month globally, and feel they are just about managing or struggling to deal with the volume of events.

It is therefore not particularly surprising that security in operational technology (OT) still remains the laggard. These systems used to control valves, conveyors and other machines to regulate variables such as temperature or pressure are critical to many modern organisations. However, the convergence of IT and OT opens up new attack surfaces.

Hackers have quickly learned the value in targeting OT which can bring business operations to its knees with shutdowns, equipment damage, supply-chain disruption, revenue losses and safety risks.

Finding a way to collect, store and analyse IT and OT data in silos is reasonably simple. Practising an analytics-driven approach to security by gathering relevant data from disparate sources to convert it into actionable insights, however, is a whole different ballgame.

To tackle some of these issues arising from the influx of new data sources, we recently developed our own solution that helps organisations in industries such as manufacturing, energy and utilities monitor and analyse industrial IoT data in real time.

Data gathered from IoT devices can empower businesses to take action across the whole ecosystem in real-time. This device-generated data provides a whole new lens to not only the industrial engineers but also security analysts; a real-world view for a proactive stance to investigating and responding to a breach or infection.

With data, one thing is certain: maintaining a consolidated view of what’s taking place in your network at any given moment is now a necessity. Each ‘connected thing’ opens new doors into personal intelligence, corporate intelligence and even public safety. Through these doors, we open ourselves up – as individuals and organisations – to new weaknesses hackers could exploit.

It is imperative for Australian businesses and decision makers to take this risk seriously.

Article by ‎Splunk Australia and New Zealand area vice president Simon Eid

Data center colocation market to hit $90b in next five years
As data center services grow in popularity across enterprises large and small, the colocation market is seeing the benefits in market size.
Automation beginning to impact Aussie workforce
18% of those surveyed said automation has already impacted their job ‘significantly’, with their duties changing or their role becoming redundant.
OVH launches public cloud down under
OVH Public Cloud services is expanding to Australia out of two data centres - one in Sydney and one in Singapore.
Acer’s new programme and portal for partners
A simple and manageable programme designed to incentivise, recognise and reward commercial partner achievements.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
In ongoing cloud war, Google to acquire data migration specialist
Google is currently behind AWS and Microsoft in the cloud battle, and it would seem this play is an attempt to claw some ground back.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.