By Rick Peters, CISO Operational Technology, Fortinet
The ability of smart devices to interoperate with other network assets and enterprise systems has arguably transformed our personal and business lives. Smartphones, tablets, and connected entertainment systems employ context-aware applications, often operating in the background, that automatically connect to networks, run tasks, and collect, curate, and share intelligence. Smart cars present a similar challenge, monitoring internal vehicle information while providing interactive maps and entertainment, responding in real time to changing driving conditions, and even alerting emergency services in the event of an accident. Even today’s smart appliances, like refrigerators, perform tasks like ordering their own water filters, streaming entertainment, and even interoperating with other devices, such as enabling live video interaction with a visitor using the smart doorbell.
Businesses also rely on smart devices. In an office environment, intelligent physical access control systems, security cameras, HVAC, and lighting systems can sense the presence of employees to save energy and protect resources. Advanced fire suppression systems not only turn on sprinklers but also alert the local fire department. Beyond the office, intelligent inventory management tools, assembly-line robotics, industrial control systems, and more have transformed the business landscape.
Securing Networks of Smart Systems
Securing smart devices is challenging not just because the majority are highly mobile, but precisely because they interoperate transparently with other systems, like web servers and applications. This is especially true now that home networks—along with all their connected (and poorly secured) consumer devices—are connected to corporate networks, cloud environments, and the public internet due to the rapid adoption of hybrid work models.
But that’s just the start. Proactively securing the enterprise becomes even more challenging as smart devices become an integral portion of a broader array of digitally connected infrastructure. For example, “smart buildings” increasingly combine physical access control, climate control, lighting, and emergency systems with connected IT and OT networks, enabling a unified management and control environment. As smart transportation evolves to support autonomous vehicles, it will expose the absolute requirement to share real-time sensor intelligence between vehicles and traffic control systems to route traffic around hazards and congestion, respond to weather events, or accommodate emergency vehicles.
An even higher order of complication is now emerging as smart systems are further aggregated. Smart cities will combine data from smart buildings and smart transportation grids to optimize the customer experience while delivering efficient asset management and energy consumption. For example, smart buildings can communicate with the energy grid so that energy collected by solar panels deployed at business parks can be intelligently rerouted to other parts of the community in the evenings and weekends when climate and lighting systems are dormant. As smart devices employ specialized applications to create ad hoc edge networks, they will collect and share intelligence, process data, and make autonomous decisions locally, while also being connected to the larger corporate network and cloud.
When so many systems—often part of separate networks—interoperate, security becomes extremely complicated. Put simply, where does the firewall live in these hyperconnected, highly volatile, and often dynamic environments? Cybersecurity solution strategies need to satisfy the necessity of delivering omnipresent performance, scalability, and speed to ensure integrity and timely response to network changes and an increasingly complex web of applications and services in real time.
Smart Systems Require Smart Security
What should be clear is that most legacy security systems instill much less confidence in protecting cyber-physical assets connected into these new integrated environments. What’s needed is an intelligent meshed security architecture that integrates traditionally isolated security devices and services into a unified solution, and ties that functionality into the distributed network to intelligently monitor that environment across all devices, users, and applications. Regardless of where devices are located, who is operating them, or what applications are running, persistent security practices must enforce consistent policy when connecting to the network. Likewise, seamless behavioral tracking of devices, data, and applications end to end is essential: from mobile devices and home and branch offices, across the network campus and hybrid data centers, and into and between multi-cloud environments.
In today’s world—where we increasingly rely on an aggregation of interconnected environments that blur the lines between our professional and personal lives—networks and security must work together as a single system at every layer. This requires tools built around common operating systems, open APIs, and industry standards. And since both transactions and threats operate at blinding speeds, interoperability must be combined with speed as it is the only way to implement the automation essential to achieving seamless connectivity and protection.
5 Key Principles for Securing Networks of Smart Systems
Developing a meshed architecture is only possible when the development and selection of solutions follow five key principles:
- Broad: Solutions need to be deployable anywhere users, devices, and applications are located. Broad deployment ensures that distributed networks, and networks of networks, can track applications, transactions, and workflows to provide consistent policy enforcement end to end across the entire data path.
- Integrated: Orchestrated communication across solutions is essential for identifying new devices, managing access to resources, correlating data to detect threats, and enforcing policy through coordinated response. Such collaboration should be underpinned by a common set of actionable threat intelligence, to accomplish continual discovery of and response to known, zero-day, and unknown threats. Integration also enables a common management and orchestration platform to increase end-to-end visibility and control.
- Automated: The execution of cybersecurity best practices must be accomplished via an ecosystem that is seamlessly integrated with the underlying network. This allows policies to automatically adapt to network changes, whether it’s as simple as swapping out connections, or if new devices or networks—whether physical or virtual—are added or dropped, or even if new and often temporary edge networks are created.
- Intelligent: Advancements in cybersecurity strategy must leverage time-sensitive, actionable intelligence to proactively achieve defence in depth. Reliance on Machine Learning (ML) and Artificial Intelligence (AI) enables situational awareness to grow as cybersecurity defences mature, since that maturation is continuous. Intelligent systems can sift and correlate massive amounts of data to detect and evaluate suspicious activity in real time—whether at the endpoint, the cloud, or the physical network—to intervene before malicious payloads can be activated. Self-aware networks can also self-heal by automatically troubleshooting issues and simultaneously deploying new connection and security protocols.
- Fast: Cybersecurity services that bottleneck operations manifest untenable latency. Hyper performance is essential for supporting increasingly complex applications and growing volumes of streaming data. Security solutions need to inspect streaming encrypted data, including video, at line rates. This requires new technologies, such as purpose-built security processors that function much like advanced graphics processors that offload and render high-resolution video traffic to make today’s gaming and entertainment systems possible.
Experts in the business of cybersecurity maturity would argue that managing discrete smart devices is just a fraction of the challenge. Global digital acceleration is being driven by creating cohesive and dynamic networks of smart devices. And then networks of those networks. Given the traditionally slow pace at which security technologies adapt to new network environments, those technologies are likely to be the biggest barrier to the ongoing transformation of business, leading to lower productivity, poor user experience, and an inability to compete effectively. In this new paradigm, security can no longer be bolted on after the network has been designed and implemented.
Organizations need to start now by selecting tools designed to support and adapt to today’s business environments, including out-of-the-box support for security-driven networking and meshed security architectures. The consequence of failing to recognize and adopt such a strategy is a likely impact on the business that makes survival unlikely, along with losing out on the benefits and opportunities derived from the next generation of digital innovation.