How can we handle the security challenges provided by the IoT?
The much-anticipated Internet of Things (IoT) is finally happening. Our world is about to be fundamentally changed as billions of devices are made smart and connected. Nothing will be exempt from change. IoT will network devices in the home, in the vehicle, in the office, in the school, in the factory, on the farm, in public infrastructure, and on our bodies. Radical possibilities for enhancing our lives are emerging as objects and data are connected in ways never done before.
Today, information security practitioners are battling to cope with the myriad of security threats directed at government, the enterprise and individuals. Security challenges will be far tougher with IoT. As IoT gathers momentum, the attack surface will be exponentially enlarged. New technology, new operating systems, new environments, new devices – all will introduce new security vulnerabilities. Challenges to protect confidentiality, integrity and availability in a connected world of things will be exponentially greater. Privacy will be far more difficult to safeguard.
Both IoT usability and the security challenges are best dealt with through a centralised IoT Command Centre.
IoT implementations must follow acceptable standards and protocols for data storage, data sharing, and M2M communication. Sharing data between IoT systems adds utility to many IoT device function exponentially.
As connectivity expands, impacts of security and likelihood of privacy breaches multiplies exponentially. Security is crucial for an IoT world because of the disastrous potential for things to go wrong.
In a highly-connected society, the loss of confidentiality, integrity or availability can have significant, even life-threatening repercussions. The Command Centre should specify appropriate protocols and security and privacy standards. The IoT Command Centre must be built from the ground-up with security at the core, and include aspects such as encryption of sensitive data at rest and data in transmission, data classification, access management, endpoint hiding, and utilising IoT security and data sharing protocols.
SentryBay’s anti-keylogging and data encryption technologies are important components of the IoT security landscape, and SentryBay are currently working on some key additional pieces needed to support the overall security ecosystem.
Why is Phishing still so effective?
A number of reasons. Firstly the proliferation of browsing on mobile devices makes fake websites tougher to spot. Secondly the level of sophistication of cybercrimals has lifted making lures more difficult to identify (by user and technology). Thirdly this sophistication means phishing is an important component of e multi-stage exploit – gaining credentials (or further credentials) ready for the next level of attack (SANS institute showed Phishing was the greatest cause of enterprise intrusions at 37% for first half of 2015). Attacks have become more targeted. Phisihng sites only exist for around 2 hours. Blacklisting technologies do not have sufficient time, and heuristics are not accurate enough.
SentryBay’s approach to phishing – including its specialised training on all major brands targeted by phishers – ensures a user can be protected from the minute a phishing site is launched.
Is Malware really a threat to mobile devices?
The answer to this question little over 18 months ago was different to the one today. The number of malware written and distributed and infecting devices has exploded in this period. There are over 1m unique malicious apps in existence (HP Cyber Risk Report, 2015). There are a range of factors that have caused this sea-change and these factors, unfortunately, set the platform for further growth. Here are some of the key contributing factors:
- Greater ability to root phones (from all manufacturers) – including rooting caused just by visiting malicious web pages
- Proliferation of Android OS (now around 70% of devices globally) which have more vulnerabilities than IOS/Blackberry
- Unnecessary permissions rife amongst apps – even within legitimate apps
- Increase in malware shipped alongside legitimate apps
- Increased sophistication of infection and “hiding” abilities of mobile malware
The security landscape that has evolved requires a specialised approach to security. Just transferring outdated technologies such as virus signature detection to a mobile environment are almost pointless. SentryBay have a range of technologies and solutions in mobile that effectively address current challenges, and have a roadmap that focuses on where future challenges are coming. Current technologies include solutions for secure browsing from mobiles, the management of sensitive data/files that can be accessed anywhere plus secure keypads and communication channels that neatly side-step the ever-growing range of threats.More on SentrBay’s Mobile technologies.
Are Analytics the answer for today’s complex threats?
Yes, and no. There have been major advances in this area but it is still developing. The area suffers from having a lot of information coming from Big Data, not all of the data useful, and not always resulting in effective action. By the time threat analytics identify a potential compromise, the user – and the network – may be fully breached. And even when identified, the compromise may continue in a different form. However, in combination with endpoint, IDS and perimeter defences, it is becoming a key ingredient in the fight. It also allows more sharing of information and computation to be done in the cloud – placing less burden on enterprise devices. It is also essential in helping to deal with the threats posed by mobile and BYOD – allowing intelligence to be gained - and shared - to provide greater security against compromised mobile endpoints. As the area matures, it will likely become more important ingredient of the security protection ecosystem.SentryBay’s patented anti-phishing technology provides key inputs into a threat intelligence network. It provides an early warning system for
phishing attacks shared in real-time - plugging the current time-gap in detection that renders most other techniques obsolete. SentryBay’s endpoint solutions which control browser use and e-business connections, monitoring the security status of a user’s device, also contributes valuable intelligence to threat monitoring networks.More on SentrBay’s Anti-Phishing technology.