The traditional threat landscape comprised of conventional IT assets is difficult enough to protect, detect and respond to, but the landscape seems to be quickly expanding beyond traditional IT. Those new domains are operational technology (OT), the internet of things (IoT) and the internet of medical things (IoMT).
Devices from non-traditional IT environments are finding their way onto corporate intranets, which can create a shadow IT environment. These devices are unmanaged and some managers dont have a full understanding of the risks associated with these devices. More visibility into these devices could help a chief information security officer (CISO) to understand whether they are acting appropriately. As the number of connected devices within an enterprise grows, so too does the attack surface if these connected and shadow devices do not have security built into them. This wave of digital transformation provides new attack vectors that could come with significant and far-reaching risk and liability.
Industrial organizations are adding many connected technologies into the manufacturing process, such as industrial control systems (ICS), supervisory control and data acquisition systems (SCADA), distributed control systems (DCS), programmable logical controllers (PLC) and smart sensors. Manufacturing environments have devices on the assembly line and robots, oil pipelines have pressure sensors, and food facilities have temperature sensors. With the addition of these numerous connected devices can come mounting security risks to critical infrastructure.
A yearly research study conducted by IBM shows that in 2019 there was a 2,000 percent increase in OT cybersecurity attacks. Yes, you read that correctly 2,000 percent. As operational organizations and industries experience innovation and connectivity, bad actors can take notice and execute security attacks. To help mitigate these risks, organizations can adopt an operational technology security strategy.
As businesses modernize their operational equipment and traditional IT systems rely on operational data to optimize and improve organizational metrics, the two environments are converging. Traditional IT infrastructure can control physical assets in the operational technology domain, and this overlap allows an IT breach to target OT devices. In 2019, IBM X-Force Incident Response and Intelligence Services (IRIS) responded to a breach where ransomware infected an IT system and moved laterally into OT infrastructure. The attack brought plant operations to a halt and caused a ripple effect in global markets. Research also shows that threats to industrial control systems and operational technology will likely continue to grow.
The combination of digital transformation and the Internet of Everything can reshape the modern landscape of goods and services. Additionally, the new dawn of 5G could bring blazing connection speeds and have significant impacts on the number of connected devices. If we look across offices, factories, hospitals and transportation networks, we see numerous devices throughout the organization:
All of these devices are designed to connect and transmit information to other devices and systems. However, IoT devices can present a rapidly growing enterprise security risk. Why is that? IoT devices generally do not have security agents installed. Security agents are pieces of software that allow the collection of device data and enable protection of the device. However, there are connected and unmanaged smart devices that do not have this capability. These issues can make IoT devices easier for attackers to access remotely. IBMs Threat Intelligence Index reports widespread use of command injection (CMDi) attacks containing instructions to download malicious payloads targeting various types of IoT devices. Because many IoT devices do not have security agents to monitor these attacks, we need to take an agentless approach to help gain visibility into devices and their activity on a network.
How do you implement an agentless approach? Machine learning (ML) and artificial intelligence (AI) are a big part of it. Security providers first create an enterprise-scale knowledge base of an organizations devices and combine that with a device behavior crowdsourcing engine. This crowdsourcing engine uses ML and AI to determine when a device exhibits abnormal behavior. For example, an IP camera that is behaving differently than hundreds of others across a clients environment can be flagged as a possible threat.
Additionally, the internet of things is bringing its connectivity to all markets, including the medical industry. The internet of medical things generally refers to a group of medical devices, software applications and infrastructure all connected to the internet. These devices can include heart pumps, patient trackers, blood infusion pumps and more. Patient data captured from these connected devices helps to inform decisions by healthcare providers. Therefore, a cybersecurity threat to these devices could interfere with care and potentially cause physical harm to patients. IBMs Threat Intelligence Index reports that healthcare was the 10th most targeted industry for cybersecurity attacks in 2019.
In short, many organizations are on a journey of digital transformation that is increasing the number of devices and ultimately the variety of threat vectors as potential security targets. The security domain touches on every area of an organization including OT, IoT and IoMT areas.
So how do we provide threat management for all of these connected and unmanaged devices?
The convergence of the device landscape presents a new challenge for organizational security. Attacks against the IoT, for example, need to be analyzed to determine the IT assets the attacker may be ultimately after. In many cases, the IoT or OT device is being utilized as an attack vector only, which ties the security of connected devices to that of traditional IT assets.
Securing these domains requires an integrated approach to threat management and an understanding that threat management is a journey. The NIST Cybersecurity Framework provides a programmatic approach that addresses the entire life cycle of threats. NIST outlines the following five core tasks:
Using a standardized approach such as NISTs can help organize the activities of a security or incident team by outlining a logical, practical approach to incident management. A standards-based approach provides a reliable, repeatable framework for managing multiple types of security incidents and encourages transparency, a shared vocabulary and predictable outcomes in responding to threats.
Potential benefits of using this approach include:
Threat management is the heart and soul of any security organization. Using a standardized approach can help organizations integrate threat and incident life cycle management. Performing NIST functions across the new hybrid landscape can help security organizations manage cybersecurity risks.
IBMs X-Force Threat Management is an integrated program of services and technology designed to help your organization through the entire threat management journey. Our X-Force Threat Management solution helps implement the NIST framework for the OT, IoT and IoMT domains to bring visibility into unmanaged and connected devices. Our solution offers:
We leverage technology that discovers potential threats in your environment managed and unmanaged devices, both on and off your network as well as in your airspace. IBMs X-Force Threat Management integrates the capabilities of offensive security services, managed security services, artificial intelligence, incident response and continuous improvement. IBM X-Force Threat Management offers integrated threat and incident life cycle management.
Learn more about X-Force Threat Management
- Is COVID-19 Making the Internet Sick? - Government Technology - May 27th, 2020
- Thanks to Physics, This Chocolate Is Iridescentand Safe to Eat - Smithsonian.com - May 27th, 2020
- $100 million in bounties paid by HackerOne to ethical hackers - BleepingComputer - May 27th, 2020
- Types of Encryption: 5 Encryption Algorithms & How to Choose the Right One - Security Boulevard - May 27th, 2020
- Asian consumers worried about securing their data - BusinessWorld Online - May 27th, 2020
- Move online to survive businesss new mantra - BizNews - May 27th, 2020
- China Demands Us Withdraw Sanctions on Tech Suppliers - Manufacturing Business Technology - May 27th, 2020
- DDoS Protection Market Overview, Regional And Restraint Analysis By 2020 2026 - 3rd Watch News - May 27th, 2020
- Galaxy S20 security is already old hat as Samsung launches new safety silicon - The Register - May 27th, 2020
- Amid the COVID-19 crisis and the looming economic recession, the Electronic Bill Presentment and Payment (EBPP) market worldwide will grow by a... - May 27th, 2020
- Global Internet of Things (IoT) Security Market Research Studies Competitive Strategies, Regional Analysis Forecast 2025 - WaterCloud News - May 27th, 2020
- When COVID-19 and Economic Fallout Put Millions of Kids in Unsafe Places, Communities in Schools Went in After Them. - The 74 - May 27th, 2020
- DNS over HTTPS: How to activate it on Windows 10 Build 19628 - WinCentral - May 27th, 2020
- The lack of women in cybersecurity leaves the online world at greater risk - The Conversation US - May 17th, 2020
- COVID-19 Impact and Recovery Analysis | Internet of Things (IoT) Security Market 2020-2024 | Increasing Incidence of Cyberattacks to Boost Growth |... - May 17th, 2020
- Break On Through To The Other Side - Seeking Alpha - May 17th, 2020
- Post-COVID 19: The Virtual World And Digital Participation And Its Challenges In Ghana - Modern Ghana - May 17th, 2020
- Embracing Remote Learning and Working after COVID-19 as our New Reality - THISDAY Newspapers - May 17th, 2020
- The lack of women in cybersecurity leaves the online world at greater risk - Kiowa County Press - May 16th, 2020
- Internet security Market Research Report 2020 By Size, Share, Trends, Analysis and Forecast to 2026 - Cole of Duty - May 16th, 2020
- The best antivirus protection of 2020 for Windows 10 - CNET UK - May 16th, 2020
- Bill Proposes to Incentivize Cybersecurity Innovations With Cash Prizes - Nextgov - May 16th, 2020
- The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet - WIRED - May 16th, 2020
- Spains DGT Warns Of A New Scam Circulating Which Tricks Users Into Giving Their Data - Euro Weekly News - May 16th, 2020
- What is the Internet of Things? - Fox Business - May 16th, 2020
- Air Force aims to make secure mobile identity management the norm - FCW.com - May 16th, 2020
- Internet Security Market Analysis, Size, Regional Outlook, Competitive Strategies and Forecasts to 2027 - Cole of Duty - May 9th, 2020
- (2020-2026) Internet Security Audit Market to Witness Robust Expansion throughout the Forecast Period - Cole of Duty - May 9th, 2020
- OODAcast A Conversation With Lou Manousos, CEO of RiskIQ - OODA Loop - May 9th, 2020
- COVID-19 Crisis To Help Akamai Replicate $300 Million+ Revenue Growth From The Past 2 Years? - Forbes - May 9th, 2020
- Global Internet Security Market is Segmented by Applications, Technology, Product Type And Service and Region - TechnoVally - May 9th, 2020
- Google Releases May 2020 Android Security Patch; Fixes Bug That Allowed Remote Code Execution - Mashable India - May 9th, 2020
- Gregory Boehm | The Harvard Press | News | Obituaries - Harvard Press - May 9th, 2020
- Wifi/ Internet/ IoT Testing and Security Solutions Market 2020 by Company, Regions, Type and Application, Forecast to 2024 - Cole of Duty - May 9th, 2020
- More Salt in their wounds: DigiCert hit as hackers wriggle through (patched) holes in buggy config tool - The Register - May 9th, 2020
- Zoom's Rise, Reign and Era of Reform at the Top of the Teleconferencing Throne - BroadbandBreakfast.com - May 9th, 2020
- The Pleasures and Pitfalls of Motherhood on Instagram - ELLE.com - May 9th, 2020
- Global IT Security Spending in Government Market Expected to reach highest CAGR by 2025: Check Point Software Technologies, Cisco Systems, Fortinet,... - May 9th, 2020
- Millions of Android users need to update, or risk having attackers take over their phone - Express - May 9th, 2020
- Deal of the Month: 50% off Integos Mac Internet Security X9 bundle - 9to5Mac - April 20th, 2020
- COVID-19 impact: Internet Security Firewall Market: Promising Growth Outlook with a Steady CAGR of X% 2020-2026 Cole Reports - Cole of Duty - April 20th, 2020
- Russia And China Hijack Your Internet Traffic: Heres What You Do - Forbes - April 20th, 2020
- Internet security Market 2020 Break Down by Top Companies, Applications, Challenges, Opportunities and Forecast 2026 Cole Reports - Cole of Duty - April 20th, 2020
- Investor Paul Meeks overhauls tech strategy due to coronavirus risks, turns negative on two widely held stocks - CNBC - April 20th, 2020
- Authentic8's Front Line of Defense Tool Aims to Safeguard Government Agencies from Cyberthreats - WashingtonExec - April 20th, 2020
- Blockchain: The Most Awaited Ally For The Security Of The Internet Of Things - CoinCodex - April 20th, 2020
- The internet's battle against bots is heating up - The Hustle - April 20th, 2020
- Bot creates millions of fake eyeballs to rip off smart-TV advertisers - Naked Security - April 20th, 2020
- Where to buy Kaspersky Internet Security? - RecentlyHeard.com - April 17th, 2020
- Citing coronavirus disruptions, PhishCloud offers year of free service to prevent phishing scams - GeekWire - April 17th, 2020
- The Global Software Defined Perimeter Market size is expected to reach $10.7 billion by 2025, rising at a market growth of 23.7% CAGR during the... - April 17th, 2020
- Women are essential helpers during crises but they need access to the internet | TheHill - The Hill - April 17th, 2020
- How To Browse The Internet Privately on Your Phone (Our #1 Tips) - Know Your Mobile - April 17th, 2020
- Faster Internet and protection against cyberattacks: UPC Business offers customers free additional services during the coronavirus crisis -... - April 17th, 2020
- Teaching your kids to surf the internet safely - The Star Online - April 17th, 2020
- No, the Internet Is Not Good Again - The Atlantic - April 17th, 2020
- Cyberattacks on endpoints will rise by up to 40 per cent unless we act quickly - Techerati - April 17th, 2020
- RBR's CyberPatriots Continue their Winning Ways - The Two River Times - April 17th, 2020
- The Weaponization of Dogs on the Internet - Lawfare - April 17th, 2020
- Investment opportunities in the internet sector - Times of Malta - April 17th, 2020
- Matt Hancock has no answers for anything but he does have a six-point plan and a very small badge - The Independent - April 17th, 2020
- Best internet security suites of 2020: anti-virus and anti-malware cyber security - TechRadar - April 17th, 2020
- The security conundrum of 5G network slicing - Urgent Communications - April 13th, 2020
- How to Make Sure that Antivirus is on your Endpoints - Security Boulevard - April 13th, 2020
- Why you can't trust your vote to the internet - CyberScoop - April 13th, 2020
- IoT security, neglected infrastructure, and a crisis of trust deemed major threats for 2022 - TechRepublic - April 13th, 2020
- Aspects of cybersecurity not to overlook when working from home - Big Think - April 13th, 2020
- The Rise of the Secure Internet Gateway - Communal News - April 13th, 2020
- The University and its students must be more considerate of essential USC staff - Daily Trojan Online - April 13th, 2020
- Foreign Operatives Allegedly Using Zoom To Spy On Americans - Brinkwire - April 13th, 2020
- Top Ways to Guard Against Work-from-Home Phishing Threats - Infosecurity Magazine - April 13th, 2020
- Get 2 years of Webroot internet security and antivirus for $50 at Amazon - BGR - April 12th, 2020
- Internet Security Software Market Growth Analysis, Top Manufacturers, Shares, Growth Opportunities and Forecast to 2026 - Germany English News - April 12th, 2020
- Foreign Spies Are Targeting Americans on Zoom and Other Video Chat Platforms, U.S. Intel Officials Say - TIME - April 12th, 2020
- iOS users beware: Myth of Apple security invulnerability is just that - The Star Online - April 12th, 2020
- Experts: Internet voting isn't ready in the face of coronavirus pandemic - CyberScoop - April 12th, 2020
- Slack in the security spotlight lessons for collaboration servers - Naked Security - April 12th, 2020
- Google removes Android VPN with critical vulnerability from Play Store - Naked Security - April 12th, 2020
- Is there a way to find this file that's being used by another processor? - Windows 10 Support - BleepingComputer - April 12th, 2020
- Global Internet of Things (IoT) Security Industry 2020 Market Research With Size, Growth, Manufacturers, Segments And 2026 Forecasts Research -... - April 12th, 2020