Story image

IoT security: prioritise, practice, and predict

11 Apr 2018

With an influx of new smart home devices having entered Australian shores in the first few months of 2018, many Australians are welcoming these new convenient helpers into their homes.

Not too far removed from our personal lives, Australian businesses are dipping their toes into the Internet of Things (IoT) to gain benefits such as efficiencies and operational insights, from production flow monitoring to inventory management.

On the security side, IoT poses a tangible risk, however. As we continue to entrench our personal and professional lives with more ‘connected things,’ we drive both new levels of innovation, and at the same time, open ourselves up to a security minefield.

Regrettably, Australian organisations are already struggling even without this added layer of risk. In a recent report, we found that Australian companies face some of the highest numbers of IT incidents per month globally, and feel they are just about managing or struggling to deal with the volume of events.

It is therefore not particularly surprising that security in operational technology (OT) still remains the laggard. These systems used to control valves, conveyors and other machines to regulate variables such as temperature or pressure are critical to many modern organisations. However, the convergence of IT and OT opens up new attack surfaces.

Hackers have quickly learned the value in targeting OT which can bring business operations to its knees with shutdowns, equipment damage, supply-chain disruption, revenue losses and safety risks.

Finding a way to collect, store and analyse IT and OT data in silos is reasonably simple. Practising an analytics-driven approach to security by gathering relevant data from disparate sources to convert it into actionable insights, however, is a whole different ballgame.

To tackle some of these issues arising from the influx of new data sources, we recently developed our own solution that helps organisations in industries such as manufacturing, energy and utilities monitor and analyse industrial IoT data in real time.

Data gathered from IoT devices can empower businesses to take action across the whole ecosystem in real-time. This device-generated data provides a whole new lens to not only the industrial engineers but also security analysts; a real-world view for a proactive stance to investigating and responding to a breach or infection.

With data, one thing is certain: maintaining a consolidated view of what’s taking place in your network at any given moment is now a necessity. Each ‘connected thing’ opens new doors into personal intelligence, corporate intelligence and even public safety. Through these doors, we open ourselves up – as individuals and organisations – to new weaknesses hackers could exploit.

It is imperative for Australian businesses and decision makers to take this risk seriously.

Article by ‎Splunk Australia and New Zealand area vice president Simon Eid

Bitglass appoints new cloud, business development leaders
The cloud security company has appointed vice presidents for worldwide channels and worldwide business development.
Ping Identity offerings accelerates cloud MFA and SSO adoption
90% of respondents trust MFA as an effective security control to protect identity data in public clouds, yet only 60% of organisations have formally adopted it.
Ingram launches CRM backup on cloud marketplace
AvePoint Cloud Backup for Dynamics 365 is a multi-tenant solution, designed with specific features to enable channel partners and MSPs.
Trend Micro introduces cloud and container workload security offering
Container security capabilities added to Trend Micro Deep Security have elevated protection across the DevOps lifecycle and runtime stack.
Veeam joins the ranks of $1bil-revenue software companies
It’s also marked a milestone of 350,000 customers and outlined how it will begin the next stage of its growth.
Veeam enables secondary storage solutions with technology partner program
Veeam has worked with its strategic technology alliance partners to provide flexible deployment options for customers that have continually led to tighter levels of integration.
Veeam Availability Orchestrator update aims to democratise DR
The ability to automatically test, document and reliably recover entire sites, as well as individual workloads from backups in a completely orchestrated way lowers the total cost of ownership (TCO) of DR.
Nuix eyes legal sector as eDiscovery demand skyrockets
eDiscovery must encompass so much more than email and documents. If you haven’t looked at text messages and online chats, digital images, mobile devices, data in the cloud and social media, you’re not getting the whole story.