The Challenge of Cybersecurity in the Internet of Things (IoT) – And What You Can Do About It

Contributed by

9 min read

It is no secret that as more and more devices connect to the internet, the challenges of securing the data that they transmit and the communications that they initiate are becoming more profound. Back in 2013, when Gartner first came out with the report stating that we would see 26 billion devices by 2020, it was already crystal clear that with the IoT hype, we would also witness the greatest threats to data security come to life. Several examples come to mind, when devices in the field have been compromised by hackers trying to prove that the internet link connecting the device is compromised. Remember the Jeep Cherokee hacking incident back in 2015?

Over the years, we have seen a surge in IoT devices, broadly in 2 areas – in homes and in manufacturing. With the former, we have seen an entire ecosystem built around Amazon's Echo devices using the Alexa Voice Service. Google, Microsoft, and Apple have followed suit as well. Since these are independent and closed platforms, the responsibilities of securing the devices rest with the platform providers. In this blog, we will discuss cybersecurity in manufacturing and related industries. In industrial manufacturing and other such capital-intensive industries, it would be fair to say that the challenges of securing IoT devices are several and unsolved for the most part, due to a variety of reasons.

As SCADAhacker highlights, industries such as manufacturing, oil & gas, refining, pharmaceuticals, food & beverage, water treatment, and many more are constantly looking to add the right layers of security, as they bring an increasing number of equipment and devices online. Device manufacturers and plant operations managers constantly face pressure to protect their physical assets from cyber threats. Moreover, for each of these industries, the nature of the data, topologies of IoT devices, and complexities of threat management and ensuring compliance vary widely. To give the reader a taste, back in March 2016, hackers were able to change the levels of chemicals used to treat water by infiltrating a water utility's control system, hence threatening the health and safety of citizens. In this blog, we will explore what security practitioners and plant operators are up against, and what they should look for in an ideal solution.

Deloitte also recently published a perspective in a flashpoint edition series, explaining 5 key challenges facing pretty much every industry.

CYBERSECURITY KEY IMPERATIVES

Regardless of the industry, data security is generally categorized by 4 key pillars: authentication, encryption, authorization, and auditing.

Let's expand on this a little bit in the context of this blog.

  • Authentication : People and assets alike need to be authenticated onto the network to prevent bad actors or "bad assets" early on.

  • Authorization: Once, for example, an IoT sensor has access to a network, authorizing it to a set of services is the next important step. This seldom involves a complex set of policies, based on the credentials and capabilities of the entity requesting access.

  • Encryption: Considering how spread out a process manufacturing plant can get, with IoT sensors, intermediate gateways, and equipment, plant operators often consider encryption at rest and on the wire above most other priorities.

  • Auditing: This step is equally important to each of the above, but often gets forgotten or overseen in most enterprises. Data auditing broadly serves three purposes in industrial manufacturing: (i) assess that the data collected is fit for a given purpose or use case, (ii) assess the impact of quality of data on the manufacturing performance, (iii) help root-cause attacks by maintaining audit trails.

Moreover, industrial manufacturers tend to distribute data across cloud (public, private, hybrid) and on-premises hardware as well as at the edge, mostly based on cost and time to market (TTM) factors. Essentially, this practice results in silos, making it even more difficult to institute best practices or implement 'a' solution to address all of the above. This also often increases the task of protecting these data assets, with IT deploying point solutions across the enterprise.

WHAT ARE WE PROTECTING

Now let's take a quick look at the variety of assets that need to be protected in manufacturing.

Manufacturing Assets

Unstructured time-series data: Data constantly being transmitted from IoT sensors (e.g., heat, pressure, thermal, image depending upon the nature of manufacturing process), robot-arms, equipment and machine logs, RFID tags, fleet sensors, GPS devices.

Mostly structured data: Process control software applications (SCADA and MES), web application and database systems, HVAC and cooling systems, precision measurement devices, HMI terminals, ERP applications, HR and billing systems.

External sources: Weather data, supply chain management (SCM) software, social media.

This is obviously a very small subset of information sources but gives the reader a perspective of the volume and variety of data types manufacturers have to deal with.

WHAT A CYBERSECURITY FOR IOT SOLUTION SHOULD CONSTITUTE OF

With some idea by now on what we need to address, let's jump into what the solution should consist of, at a minimum:

  • It must be capable of locking down data security across the cloud and on-prem as well as for the edge devices with key management and encryption.
  • It must be able to detect anomalies in sensor data— in other words, ensure legit sensors.
  • It must allow maintaining strong encryption at the core, where data is often aggregated as well as at the edge where it is collected.
  • It must be able to maintain audit trails for activities throughout the enterprise and institute a robust data governance.
  • It must allow creating a dashboard, showing potential threats by leveraging data science and machinelearning (ML) approaches to help get ahead of the intruders.
  • In the event a cyberattack does occur, it should enable IT to identify the affected data assets quickly, so access to them can be shutff right away, thereby limiting revenue loss and avoiding a PR nightmare.
  • Lastly, it must allow for IT to make just the right amount of data available to the data engineering and data science teams. In other words, it must help IT keep the balance between securing the enterprise and not stifling the innovation that business demands.

The question remains that with no real standards in place, one would have to implement best practices and point solutions for each of the above. Although this is a great place to start, the issues with this approach are that these security information and event management (SIEM) software products usually don't scale with increasing data or increase the overhead of data and tools management for IT, the end result being missed threats or slower detection of them.

MAPR SOLVES FOR SECURITY IN MANUFACTURING

MapR provides a comprehensive data platform for data security in manufacturing:

  • MapR has scale-out architecture at both the core and edge with a comprehensive security mechanism, including a unique and expressive model of authorization called Access Control Expressions (ACEs).
  • MapR DataOps Governance Framework allows customers to address data lineage and metadata management at scale.
  • With a streams-first architecture, flexible ML, and support for high-speed data ingestion, the MapR Data Platformcollapses the time window from breach to detection.
  • MapR Edge is the industry's only converged data platform that runs at the edge with unified end-to-end IoT security, providing authentication, authorization, and access control from the edge to the central clusters. MapR Edge also delivers secure encryption on the wire for data communicated between the edge and the main data center.

MapR Edge IoT

Additional Resources:


This blog post was published April 24, 2018.
Categories

50,000+ of the smartest have already joined!

Stay ahead of the bleeding edge...get the best of Big Data in your inbox.


Get our latest posts in your inbox

Subscribe Now