Cognizant Reports | May 2017
Safeguarding the Internet of Things
While the Internet of Things promises real-time operational benefits, vulnerabilities can be easily exploited unless security is embedded from the inside out – from conception, deployment, and maintenance, to the network edge and across connected devices and infrastructures.
EXECUTIVE SUMMARY
The rapid growth of the Internet of Things (IoT) has left enterprise networks and IoT devices extremely vulnerable to security breaches. Although this threat looms large for companies deploying IoT applications and infrastructures, most organizations’ security budgets do not account for securing their IoT subnetworks. That’s because current IoT devices and infrastructures are not equipped to avert today’s sophisticated attack methods. The heterogeneous nature of device software, insufficient monitoring, and a lack of visibility into IoT devices only add to the complexity of safeguarding enterprise IoT ecosystems. At the same time, investing in highly secure IoT-based infrastructure can deliver a range of significant benefits, including:
•	 Higher revenues from new business models.
•	 Lower operational costs through optimized processes and seamless business operations.
•	 Immediate access to clean, meaningful, and highly accurate data.
•	 A superior user experience.
To develop such an infrastructure, organizations need to build in security at every stage – from application conception and design, to deployment, operations, maintenance, upgrades, and retirement. Companies that have already implemented an IoT solution can consider an outside-in approach by undergoing an independent review of their infrastructure that includes:
•	 Threat modeling across all security layers.
•	 Tailored penetration testing and vulnerability assessment.
•	 Review of common attack surface areas.
Organizations that want to identify vulnerabilities and improve their security stance from the beginning should consider an inside-out approach that focuses on ensuring that key elements are embedded in their IoT solution:
•	 Secure boot and hardware-based security controls.
•	 Device authentication and secure data management.
•	 A policy framework for governance.
•	 Secure, over-the-air (OTA) updates.
•	 Secure remote access.
•	 Fail safe/self-awareness.
•	 A layered security design.
THE STATE OF IOT SECURITY
The Internet of Things (IoT) is growing at a stunning pace – expected to account for 28.1 billion connected devices by 2020 (see Figure 1).[1] From an economic standpoint, linking the physical and digital worlds could generate up to $11.1 trillion a year by 2025.[2] Organizations that are using or plan to use the IoT will have to ensure that all IoT devices connected to their networks are highly secure; otherwise, they can be a potential entry point for network intrusions.
Figure 1: Projected Number of IoT Connected Devices, 2015-2020 (billions)
2015: 13.1 | 2016: 16.3 | 2017: 19.2 | 2018: 22.2 | 2019: 25.2 | 2020: 28.1
Source: IDC, Worldwide and Regional IoT Forecasts, 2015 via Economist
According to Gartner, spending on IoT security is expected to reach $547 million in 2018,[3] almost double the $281.54 billion expended in 2015. Gartner also predicts that by 2020 more than 25% of identified enterprise security breaches will involve the Internet of Things. Yet the IoT will account for less than 10% of IT security budgets.[4] Research indicates that a majority of IoT devices, such as SCADA systems, medical devices, critical infrastructure components, smart meters, and appliances, have insufficient security mechanisms. Furthermore, less than one-third use encryption to protect vital systems and safeguard the data coursing through their networks.[5] Poor communication between IT teams and the low priority accorded to securing IoT data by top-level management are also proving to be major impediments to adequately safeguarding enterprise IoT environments (see Figure 2).[6]
ENTERPRISE IOT SECURITY CHALLENGES
The very nature of IoT infrastructures poses numerous challenges to companies securing their IoT installations:
Device & Infrastructure Vulnerabilities
Because IoT infrastructures rely on both physical and virtual components, risks and vulnerabilities are compounded. This can overwhelm security administrators. Most IoT devices typically operate outside organizational firewalls, yet connect directly to companies’ internal networks and applications – significantly increasing their vulnerability by extending the attack surface (i.e., the number of unprotected devices that attackers can target). Unprotected IoT devices in a network can be converted into bots by attackers, then used to attack third-party systems and extract data from communication channels.[7] Gartner says that security vendors will be challenged to provide usable IoT security features because of the limited assigned budgets for IoT, and organizations’ decentralized approach to early IoT implementations.[8]
IoT devices are predominantly single-purpose tools; their function is governed by sensors and the types of data they bring into an enterprise. Unlike their more evolved IT counterparts (smartphones, desktops, and portable computers), IoT devices’ processing and storage capacity is strictly for functional purposes, and not intended to handle heavy-duty computing tasks, such as encryption, unless absolutely necessary (see Figure 3). Otherwise, the devices become easy targets for potential hackers looking for the weakest link in the enterprise (see Figure 4).[9]
Figure 2: Which of the Following Do You Believe Will Be Your Organization’s One or Two Biggest Challenges Around IoT Security?
41%: IT and OT Functions Working Together – Example: Technology
34%: Acknowledging IoT Devices – They are around and need to be secured
34%: Allocating Budget for Security for IoT Devices
27%: Solution Availability – Which are industry appropriate
25%: Lack of Personal Resources
4%: Others
Source: Forescout, 2016
Figure 3: Top IoT Vulnerabilities
1 Unsecured Web Interface
2 Insufficient Authentication/Authorization
3 Unsecured Network Services
4 Lack of Transport Encryption/Integrity Verification
5 Privacy Concerns
6 Unsecured Cloud Interface
7 Unsecured Mobile Interface
8 Insufficient Security Configurability
9 Unsecured Software/Firmware
10 Poor Physical Security
Source: www.owasp.org
As they evolve, IoT devices are expected to take on more complex tasks related to data collection, communication, and analysis, which will enhance their autonomous decision-making capabilities.[10] Yet if left unprotected and without sufficient security controls, they will become the target of choice for attackers looking to steal raw and processed data (see Figure 5). The ease and effort involved in rectifying this issue is directly proportional to the distance between the “break-in” point and the edge device – the entryway to enterprise networks, and where data collection takes place, followed by data analysis, policy decisions, communications, and applications.
Figure 4: Percentage of Devices Vulnerable to Cyber-Penetration
80%: Failed to require adequate password protection
80%: Raised serious privacy concerns
70%: Enabled hackers to identify user accounts
70%: Did not encrypt data to the Internet or local network
60%: Did not use encryption when downloading software
Source: Hewlett Packard Enterprise Security Research, 2015 via Economist.
Devices came from manufacturers of TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers. All devices used mobile connections, and the majority were connected to a cloud service.
Figure 5: Risks Increase as the IoT Matures
Phases (columns): Dumb, Basic, Smart, Semi-Autonomous, Fully Autonomous
Data Collection: No Data, No-Risk Data, Moderate-Risk Data, High-Risk Data
Data Analysis: No Analysis, No Analysis, Cloud Analysis, Cloud + On-Device
Decision Making: No Decisions, Human-Controlled, Cloud-Based, Cloud + On-Device
Communications: No Communications, Cloud Read, Cloud Read Write, Machine-to-Machine
Potential Impact: Limited, Moderate, High, Critical
Source: Forrester and Cloudera
Software Heterogeneity
By design, an IoT infrastructure establishes multiple connections – numbering in the billions – between things, people, and other entities. Managing user permissions for these relationships is already a major challenge. Each IoT device comes with unique, manufacturer-supplied software and services, which can expose gaps in privacy, security, compliance, and transparency. These vulnerabilities are not only difficult to detect, they’re hard to resolve. Also, given these devices’ limited processing power and storage, running them on old and often unpatched operating systems only increases risk.
Software heterogeneity is evident in the variety of protocols currently used by companies in industries that focus more on functionality than security. For example, the z-wave protocol applies more to home automation and radio frequency-type devices, while MQTT or AMQP protocols are more suited to middleware for enterprise-grade devices. Since the identity of a device is the focal point of IoT security challenges, standardizing protocols and applications for industries and contexts is a fundamental requirement when handling this level of diversity.
Poor Visibility & Monitoring
Securing any network requires that connected devices be visible and manageable. Yet when it comes to the Internet of Things, many organizations fail to extend their security policies to IoT devices or gateways connected to home networks.[11] Surprisingly, a 2014 study by Tripwire and Atomik Research reveals that a majority of employees who work in industries with critical infrastructures routinely access company documents and e-mail from home, and on average had 11 IoT devices connected to their home networks.[12] A survey conducted by ForeScout[13] found that half of the IT professionals surveyed lacked the ability to see, manage, and control the IoT devices connected in their network. This is largely due to the erratic adoption of available protocols and proprietary customizations – rendering devices even more vulnerable. The challenge is to develop a consistent policy for exchanging and handling data securely within and across devices – from discovery to authentication. Single-purpose devices tie themselves to their respective provider apps or cloud platforms, while general-purpose devices typically lack the ability to improvise or integrate a common authentication or policy-management solution to monitor them.
SECURING AN ENTERPRISE IoT NETWORK
Organizations must understand the extent to which IoT networks, related infrastructures, and ecosystems can evolve. Looking through the security prism at a high level, enterprises fall into two broad categories:
•	 Those that have already implemented commercial IoT solutions/vendor products, with potential limitations concerning the level of security supported natively by underlying solutions.
•	 Those that take the opportunity to engineer or integrate an IoT solution/platform with the intent to potentially incorporate industry standards or risk-driven security features into their IoT solutions or supporting ecosystem.
The following recommendations can help companies decide where they stand in terms of IoT security, and what they need to do going forward.
Review the Security of Existing IoT Solutions
Companies that have already implemented an IoT solution should undergo an independent review to determine the resilience of their existing IoT environment. This requires them to:
•	 Perform threat modeling at each security layer, including devices, gateways, and the connected cloud/IT infrastructure.
•	 Gather insights from the threat modeling; perform a tailored penetration test to assess vulnerabilities at each layer. The choice of static or dynamic analysis can be based on the availability of code.[14]
•	 Review common attack surfaces, such as the communication protocol, authentication between endpoints, fail-safe devices, and the exposures associated with the hosting infrastructure, such as the gateways.
•	 Enumerate attack routes, such as physical access points, communication channels, connecting applications, interfaces, and consuming services. Figure 6 illustrates this point using two common industries: utilities (smart meters) and automotive (connected cars) as examples. This assessment should be tailored to each attack point in the respective layers.
Embed Security Throughout the Lifecycle
Organizations betting heavily on an IoT solution/appliance can improve their odds of success by focusing on security from the ideation stage. This can be done with a thoughtfully considered set of alternatives for authentication, data management, and control, keeping in mind the context of the IoT devices’ physical operating boundaries, as well as the dependencies and independent factors governing them. This inside-out approach should consider the following parameters:
Figure 6: Enumerate Attack Routes
Attack Points | Smart Meters | Connected Cars
Physical Access | Disassembling to gain access to electronic components, communication buses | Access to CAN/LIN networks; access through OBD connectors
Communication Channels | Zigbee, Zwave, 6LowPAN | 3G/4G, Wifi, BLE, Satellite Radio, RBDS
Connecting Applications, Interfaces | Metering and control applications, mobile applications | Mobile apps, media players, iPod, AUX, USB, SD cards
Consuming Services | Web services, RESTful APIs, cloud/data aggregation IOT platforms | Vendor platforms, open platforms (maps, navigation, weather)
Source: Cognizant
•	 Secure boot and hardware-based security controls: The choice of microcontroller; the possibility of having trusted platform modules for segregating secure operations; the use of specialized security chips/coprocessors; and the application of cryptographic modules in line with standards such as FIPS 140-2[15] to determine the longevity of a design and the resilience of the finished product over time.
•	 Device authentication and secure data management: The sophistication of authentication mechanisms is largely related to the choice of hardware and specifications. Authentication form factors (shared keys, user name/passwords, certificates, etc.) and current protocols (CoAP,[16] ZWave,[17] Bluetooth, etc.) are consolidating. Enterprises should develop strong device identification and authentication processes to ensure that only authenticated IoT devices are integrated with their centralized network.
Extending this further, companies should ensure that devices have authorization restrictions and use encryption to secure code and data. Organizations should limit the data they collect and retain, and dispose of it once they no longer need it, since unprotected data can provide attackers with ways to jeopardize IoT networks. Placing data defenses near data sources will help reduce/eliminate the risks emanating from compromised data.
•	 Policy framework for governance: A sound governance policy is critical for effectively managing devices, people, information, and other entities within an IoT environment. Device binaries should include signatures that identify them to a common gateway policy engine, and govern the devices throughout their lifecycle – from registration, to key management, OTA, and data communication across the enterprise. Protocols such as OAUTH2[18] should be used as guidelines for securely sharing information.
•	 Secure OTA updates: Performing OTA (over-the-air) updates is one of the most challenging elements of a robust product/solution. The process involves three distinct phases: secure production of the OTA bits, secure transport, and updating the bits on the target device. Updating binaries should take into account practical challenges, such as network bandwidth, security of the adopted channels (open, proprietary), and the time it will take to complete an update. Secure OTA binaries can employ basic Public Key Cryptographic Standards (PKCS) for secure packaging and messaging. This is key, since updated endpoint security software is necessary to keep IoT devices from being compromised.
•	 Secure remote access: Malicious attackers often target the most obvious vulnerabilities – weak admin credentials, open ports, and unpatched operating systems – to gain remote access. Companies should focus on improving the resilience of these assets by carefully considering and strengthening their communication protocols, key management (and rotation) strategy, and their ability to render a compromised device to an uncompromised state in the event of a security breach.
•	 Fail Safe/Self-Awareness: Enterprises should consider both external and extraneous factors such as weather and human actions (deliberate or inadvertent), which add dimensions to conventional threat modeling. Equipping IoT devices with contextual intelligence helps in building self-awareness. Applying this oft-repeated software design principle is very useful in the connected world, particularly since the context imposed on these devices is far more demanding than on a typical software system. While advanced machine learning and artificial intelligence are still not commonplace, improvements in processing power and protocol standardization enable devices to fail safely and in context.
•	 Layered security design: Finally, organizations should deploy security at all layers of IoT interactions, such as the device, app, and network layer (see Figure 7). Enterprise IoT security can be bolstered by using multiple layers of security, including security protocols, authentication/encryption, intrusion detection/prevention systems, and firewalls. Positioning security mechanisms at each layer helps protect the overall network with safeguards at the device layer, ensures the integrity and security of data in transit over public communication networks, and secures data in the cloud.
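The three OTA phases listed above (secure production, transport, and applying the bits on the device) and the secure-boot requirement of verifying software authenticity and integrity share one mechanism: the device checks a vendor signature over a manifest before accepting an image. The following is an added example written for this page, not code from the report or any vendor; it uses Ed25519 from Go's standard library in place of the PKCS packaging the report mentions, and the firmware images, version numbers, and key material are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Manifest is the metadata the vendor signs; the image is bound to it via its SHA-256 digest.
type Manifest struct {
	Version     uint32   // monotonically increasing firmware version (anti-rollback)
	ImageDigest [32]byte // SHA-256 of the firmware image
}

// Package is what crosses the untrusted transport channel (phase 2).
type Package struct {
	Manifest  Manifest
	Signature []byte // Ed25519 signature over Manifest.encode()
	Image     []byte
}

// encode gives the manifest a fixed, unambiguous byte layout for signing.
func (m Manifest) encode() []byte {
	buf := make([]byte, 4+32)
	binary.BigEndian.PutUint32(buf[:4], m.Version)
	copy(buf[4:], m.ImageDigest[:])
	return buf
}

// ProducePackage is phase 1, secure production: it runs where the signing key lives, never on the device.
func ProducePackage(signKey ed25519.PrivateKey, version uint32, image []byte) Package {
	m := Manifest{Version: version, ImageDigest: sha256.Sum256(image)}
	return Package{Manifest: m, Signature: ed25519.Sign(signKey, m.encode()), Image: image}
}

// Device models the target: a pinned vendor public key (kept in secure storage in practice)
// plus the currently installed version and image.
type Device struct {
	VendorKey        ed25519.PublicKey
	InstalledVersion uint32
	InstalledImage   []byte
}

var (
	ErrBadSignature   = errors.New("manifest signature invalid")
	ErrDigestMismatch = errors.New("image digest does not match signed manifest")
	ErrRollback       = errors.New("package version is not newer than installed version")
)

// ApplyUpdate is phase 3: nothing is written until signature, digest and anti-rollback checks all pass.
func (d *Device) ApplyUpdate(p Package) error {
	if !ed25519.Verify(d.VendorKey, p.Manifest.encode(), p.Signature) {
		return ErrBadSignature
	}
	if sha256.Sum256(p.Image) != p.Manifest.ImageDigest {
		return ErrDigestMismatch
	}
	if p.Manifest.Version <= d.InstalledVersion {
		return ErrRollback
	}
	d.InstalledVersion = p.Manifest.Version
	d.InstalledImage = p.Image
	return nil
}

// Scenario runs the three phases on constructed sample images: a genuine update, one corrupted
// in transit, one signed with a key the device does not trust, and a replay of an older package.
func Scenario() (map[string]error, *Device) {
	vendorPub, vendorPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader) // untrusted key, constructed for the demo
	imageV1 := []byte("constructed sample firmware image, version 1")
	imageV2 := []byte("constructed sample firmware image, version 2")
	dev := &Device{VendorKey: vendorPub, InstalledVersion: 1, InstalledImage: imageV1}
	results := map[string]error{}
	results["genuine"] = dev.ApplyUpdate(ProducePackage(vendorPriv, 2, imageV2))
	corrupted := ProducePackage(vendorPriv, 3, imageV2)
	corrupted.Image = append([]byte(nil), corrupted.Image...) // copy, then flip one byte in transit
	corrupted.Image[0] ^= 0xff
	results["tampered"] = dev.ApplyUpdate(corrupted)
	results["forged"] = dev.ApplyUpdate(ProducePackage(otherPriv, 3, imageV2))
	results["rollback"] = dev.ApplyUpdate(ProducePackage(vendorPriv, 1, imageV1))
	return results, dev
}

func main() {
	results, dev := Scenario()
	fmt.Println(results, "installed version:", dev.InstalledVersion)
}
```

Only the genuine package changes the device state; the other three are rejected before any bits are written, which is the property both secure boot and secure OTA depend on.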
Figure 7: Security at Multiple Layers of IoT Interactions (Security in Every Layer)
Device Layer
• Secure booting: Authenticity and integrity of software on the device.
• Device Authentication: Machine authentication allows a device to access networks based on credentials from a secured storage area.
App Layer
• Access Control: Mandatory Access Control (MAC) or Role Based Access Control (RBAC) to ensure minimal access limited to a component.
• App Data: Integrity and confidentiality of application data.
Network Layer
• Firewalling and IPS: Industry-specific protocol filtering and deep packet inspection capabilities are needed to identify malicious payloads hiding in non-IT protocols.
• Security Information & Event Monitoring (SIEM): Integration with network management and event correlation products.
• Signaling Integrity: Ensuring the signal quality between various devices.
• Datagram & Signaling Confidentiality: Maintaining UDP and electrical communication confidentiality.
Diagram labels: Device Layer (Secure Booting, Device Authentication, Device Integrity); App Layer (Access Control, App Data Integrity, App Data Confidentiality); Network Layer (Network Authentication, Signaling Integrity, Datagram Signaling Confidentiality, SIEM).
Source: Cognizant
GETTING THERE
The Internet of Things promises to change the way enterprises operate, communicate, and compete. Yet along with their many advantages, IoT environments are highly visible and vulnerable to security breaches at various layers. To prevent and deflect these intrusions, companies must build in security from the very beginning – remembering that the Internet of Things involves both physical and virtual operating perimeters that must be properly governed and protected throughout the IoT ecosystem.
FOOTNOTES
1 “Securing the internet of things,” April 2016, Economist Intelligence Unit and Hewlett Packard Enterprise. https://hpe-enterpriseforward.com/eiu-securing-iot/
2 “Unlocking the potential of the Internet of Things,” McKinsey Global Institute, June 2015. http://www.mckinsey.com/business-functions/digital-mckinsey/our-insights/the-internet-of-things-the-value-of-digitizing-the-physical-world
3 “Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016,” Gartner, April 25, 2016. http://www.gartner.com/newsroom/id/3291817
4 “Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016,” Gartner, April 25, 2016. http://www.gartner.com/newsroom/id/3291817
5 “A primer on enterprise Internet of Things security planning,” The Economist, April 12, 2016. http://samsungbusiness.economist.com/a-primer-on-enterprise-internet-of-things-security-planning/
6 “The Internet of Things isn’t coming. It’s here.” ForeScout, June 2016. https://www.forescout.com/wp-content/uploads/2016/06/ForeScout-Webtorials-IoT-Security-Survey-Results-June-2016.pdf
7 “Internet of Things: Features, Challenges, and Vulnerabilities,” International Journal of Advanced Computer Science and Information Technology, Vol. 4, No. 1, 2015. https://pdfs.semanticscholar.org/ab0a/90ddd8208234e7335b1cc175b49461c2bae5.pdf
8 “Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016,” Gartner, April 25, 2016. http://www.gartner.com/newsroom/id/3291817
9 “Securing the internet of things,” April 2016, Economist Intelligence Unit and Hewlett Packard Enterprise. https://hpe-enterpriseforward.com/eiu-securing-iot/
10 “Secure IoT as It Advances through Maturity Phases,” January 2016, Forrester and Cloudera. https://www.cloudera.com/content/dam/www/static/documents/analyst-reports/forrester-secure-iot-as-it-advances-through-maturity-phases.pdf
11 “Survey Identifies Internet of Things (IoT) Security Challenges for the Connected Enterprise,” June 2016, ForeScout. https://www.forescout.com/company/news/press-release/survey-identifies-internet-things-iot-security-challenges-connected-enterprise/
12 “3 Best Practices for protecting against IoT cross-contamination risks,” April 2016, The Economist. http://samsungbusiness.economist.com/3-best-practices-for-protecting-against-iot-cross-contamination-risks/
13 “Survey Identifies Internet of Things (IoT) Security Challenges for the Connected Enterprise,” June 2016, ForeScout. https://www.forescout.com/company/news/press-release/survey-identifies-internet-things-iot-security-challenges-connected-enterprise/
14 Static code analysis is done without executing any of the code; dynamic code analysis relies on studying how the code behaves during execution. September 2010, www.computerweekly.com
15 The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140-2) is a U.S. government computer security standard used to approve cryptographic modules. https://en.wikipedia.org/wiki/FIPS_140-2
16 The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. http://coap.technology/
17 The Z-Wave protocol is an interoperable, wireless, RF-based communications technology designed specifically for control, monitoring and status reading applications in residential and light commercial environments. http://z-wavealliance.org/about_z-wave_technology/
18 OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices. https://oauth.net/2/
19 “Security In The Internet of Things,” 2015, Wind River Systems, Inc. https://www.windriver.com/whitepapers/security-in-the-internet-of-things/wr_security-in-the-internet-of-things.pdf
AUTHOR & ANALYST
Aala Santhosh Reddy, Senior Researcher, Cognizant Research Center
SUBJECT MATTER EXPERT
Srinivasan Ganesh, Chief Architect – Technology, EBA-ERSS, Cognizant Corporation
World Headquarters
500 Frank W. Burr Blvd.
Teaneck, NJ 07666 USA
Phone: +1 201 801 0233
Fax: +1 201 801 0243
Toll Free: +1 888 937 3277
European Headquarters
1 Kingdom Street
Paddington Central
London W2 6BD England
Phone: +44 (0) 20 7297 7600
Fax: +44 (0) 20 7121 0102
India Operations Headquarters
#5/535 Old Mahabalipuram Road
Okkiyam Pettai, Thoraipakkam
Chennai, 600 096 India
Phone: +91 (0) 44 4209 6000
Fax: +91 (0) 44 4209 6060
© Copyright 2017, Cognizant. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any means,electronic, mechanical,
photocopying, recording, or otherwise, without the express written permission from Cognizant. The information contained herein is subject to change without notice. All other trademarks
mentioned herein are the property of their respective owners.
TL Codex 2465
ABOUT COGNIZANT
Cognizant (NASDAQ-100: CTSH) is one of the world’s leading professional services companies, transforming clients’ business, operating and
technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innova-
tive and efficient businesses. Headquartered in the U.S., Cognizant is ranked 230 on the Fortune 500 and is consistently listed among the
most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.

More Related Content

Safeguarding the Internet of Things

  • 1. Cognizant Reports | May 2017 Safeguarding the Internet of Things While the Internet of Things promises real-time operational benefits, vulnerabilities can be easily exploited unless security is embedded from the inside out – from conception, deployment, and maintenance, to the network edge and across connected devices and infrastructures. COGNIZANT REPORTS
  • 2. Cognizant Reports Safeguarding the Internet of Things | 2 EXECUTIVE SUMMARY The rapid growth of the Internet of Things (IoT) has left enterprise networks and IoT devices extremely vulnerable to security breaches. Although this threat looms large for companies deploying IoT applications and infrastructures, most organizations’ security budgets do not account for securing their IoT subnetworks. That’s because current IoT devices and infrastructures are not equipped to avert today’s sophisticated attack methods. The heterogenous nature of device software, insufficient monitoring, and a lack of visibility into IoT devices only add to the complexity of safeguarding enterprise IoT ecosystems. At the same time, investing in highly secure IoT-based infrastructure can deliver a range of significant benefits, including: • Higher revenues from new business models. • Lower operational costs through optimized processes and seamless business operations. • Immediate access to clean, meaningful, and highly accurate data. • A superior user experience. To develop such an infrastructure, organizations need to build in security at every stage – fromapplicationconceptionanddesign,todeployment,operations,maintenance,upgrades, and retirement. Companies that have already implemented an IoT solution can consider an outside-in approach by undergoing an independent review of their infrastructure that includes: • Threat modeling across all security layers. • Tailored penetration testing and vulnerability assessment. • Review of common attack surface areas.
  • 3. Organizations that want to identify vulnerabilities and improve their security stance from the beginning should consider an inside-out approach that focuses on ensuring that key elements are embedded in their IoT solution: • Secure boot and hardware-based security controls. • Device authentication and secure data management. • A policy framework for governance. • Secure, over-the-air (OTA) updates. • Secure remote access. • Fail safe/self-awareness. • A layered security design. Cognizant Reports Safeguarding the Internet of Things | 3
  • 4. Cognizant Reports THE STATE OF IOT SECURITY The Internet of Things (IoT) is growing at a stunning pace – expected to account for 28.1 billion con- nected devices by 2020 (see Figure 1). 1 From an economic standpoint, linking the physical and digital worlds could generate up to $11.1 trillion a year by 2025. 2 Organizations that are using or plan to use the IoT will have to ensure that all IoT devices connected to their networks are highly secure; other- wise, they can be a potential entry point for network intrusions. Projected Number of IoT Connected Devices: 2015-2020 (billions) 13.1 16.3 19.2 22.2 25.2 28.1 2015 2016 2017 2018 2019 2020 Figure 1 Source: IDC, Worldwide and Regional IoT Forecasts, 2015 via Economist According to Gartner, spending on IoT security is expected to reach $547 million in 2018, 3 almost double the $281.54 billion expended in 2015. Gartner also predicts that by 2020 more than 25% of identified enterprise security breaches will involve the Internet of Things. Yet the IoT will account for less than 10% of IT security budgets. 4 Research indicates that a majority of IoT devices, such as SCADA systems, medical devices, critical infrastructure components, smart meters, and appli- ances, have insufficient security mechanisms. Furthermore, less than one-third use encryption to protect vital systems and safeguard the data coursing through their networks. 5 Poor communica- tion between IT teams and the low priority accorded to securing IoT data by top-level management are also proving to be major impediments to adequately safeguarding enterprise IoT environments (see Figure 2, next page). 6
ENTERPRISE IOT SECURITY CHALLENGES

The very nature of IoT infrastructures poses numerous challenges to companies securing their IoT installations:

Device & Infrastructure Vulnerabilities

Because IoT infrastructures rely on both physical and virtual components, risks and vulnerabilities are compounded. This can overwhelm security administrators. Most IoT devices typically operate outside organizational firewalls, yet connect directly to companies' internal networks and applications – significantly increasing their vulnerability by extending the attack surface (i.e., the number of unprotected devices that attackers can target). Unprotected IoT devices in a network can be converted into bots by attackers, then used to attack third-party systems and extract data from communication channels.[7] Gartner says that security vendors will be challenged to provide usable IoT security features because of the limited budgets assigned to IoT, and organizations' decentralized approach to early IoT implementations.[8]

Figure 2: Which of the following do you believe will be your organization's one or two biggest challenges around IoT security? IT and OT Functions Working Together – Example: Technology: 41%; Acknowledging IoT Devices – They are around and need to be secured: 34%; Allocating Budget for Security for IoT Devices: 34%; Solution Availability – Which are industry appropriate: 27%; Lack of Personal Resources: 25%; Others: 4%. Source: Forescout, 2016.

Figure 3: Top IoT Vulnerabilities. 1. Unsecured Web Interface; 2. Insufficient Authentication/Authorization; 3. Unsecured Network Services; 4. Lack of Transport Encryption/Integrity Verification; 5. Privacy Concerns; 6. Unsecured Cloud Interface; 7. Unsecured Mobile Interface; 8. Insufficient Security Configurability; 9. Unsecured Software/Firmware; 10. Poor Physical Security. Source: www.owasp.org.

IoT devices are predominantly single-purpose tools; their function is governed by sensors and the types of data they bring into an enterprise. Unlike their more evolved IT counterparts (smartphones, desktops, and portable computers), IoT devices' processing and storage capacity is strictly for functional purposes, and not intended to handle heavy-duty computing tasks, such as encryption, unless absolutely necessary (see Figure 3). Otherwise, the devices become easy targets for potential hackers looking for the weakest link in the enterprise (see Figure 4).[9]

Figure 4: Percentage of Devices Vulnerable to Cyber-Penetration. Failed to require adequate password protection: 80%; Raised serious privacy concerns: 80%; Enabled hackers to identify user accounts: 70%; Did not encrypt data to the Internet or local network: 70%; Did not use encryption when downloading software: 60%. Source: Hewlett Packard Enterprise Security Research, 2015, via Economist. Devices came from manufacturers of TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers. All devices used mobile connections, and the majority were connected to a cloud service.

Figure 5: Risks Increase as the IoT Matures. Phases: Dumb, Basic, Smart, Semi-Autonomous, Fully Autonomous. Data Collection: No Data, No-Risk Data, Moderate-Risk Data, High-Risk Data. Data Analysis: No Analysis, No Analysis, Cloud Analysis, Cloud + On-Device. Decision Making: No Decisions, Human-Controlled, Cloud-Based, Cloud + On-Device. Communications: No Communications, Cloud Read, Cloud Read Write, Machine-to-Machine. Potential Impact: Limited, Moderate, High, Critical. Source: Forrester and Cloudera.

As they evolve, IoT devices are expected to take on more complex tasks related to data collection, communication, and analysis, which will enhance their autonomous decision-making capabilities.[10] Yet if left unprotected and without sufficient security controls, they will become the target of choice for attackers looking to steal raw and processed data (see Figure 5). The ease and effort involved in rectifying this issue
is directly proportional to the distance between the "break-in" point and the edge device – the entryway to enterprise networks, and where data collection takes place, followed by data analysis, policy decisions, communications, and applications.

Software Heterogeneity

By design, an IoT infrastructure establishes multiple connections – numbering in the billions – between things, people, and other entities. Managing user permissions for these relationships is already a major challenge. Each IoT device comes with unique, manufacturer-supplied software and services, which can expose gaps in privacy, security, compliance, and transparency. These vulnerabilities are not only difficult to detect, they're hard to resolve. Also, given these devices' limited processing power and storage, running them on old and often unpatched operating systems only increases risk.

Software heterogeneity is evident in the variety of protocols currently used by companies in industries that focus more on functionality than security. For example, the Z-Wave protocol applies more to home automation and radio frequency-type devices, while the MQTT or AMQP protocols are more suited to middleware for enterprise-grade devices. Since the identity of a device is the focal point of IoT security challenges, standardizing protocols and applications for industries and contexts is a fundamental requirement when handling this level of diversity.

Poor Visibility & Monitoring

Securing any network requires that connected devices be visible and manageable. Yet when it comes to the Internet of Things, many organizations fail to extend their security policies to IoT devices or gateways connected to home networks.[11] Surprisingly, a 2014 study by Tripwire and Atomik Research reveals that a majority of employees who work in industries with critical infrastructures routinely access company documents and e-mail from home, and on average had 11 IoT devices connected to their home networks.[12] A survey conducted by ForeScout[13] found that half of the IT professionals surveyed lacked the ability to see, manage, and control the IoT devices connected in their network. This is largely due to the erratic adoption of available protocols and proprietary customizations – rendering devices even more vulnerable. The challenge is to develop a consistent policy for exchanging and handling data securely within and across devices – from discovery to authentication. Single-purpose devices tie themselves to their respective provider apps or cloud platforms, while general-purpose devices typically lack the ability to improvise or integrate a common authentication or policy-management solution to monitor them.

SECURING AN ENTERPRISE IoT NETWORK

Organizations must understand the extent to which IoT networks, related infrastructures, and ecosystems can evolve. Looking through the security prism at a high level, enterprises fall into two broad categories:

• Those that have already implemented commercial IoT solutions/vendor products, with potential limitations concerning the level of security supported natively by underlying solutions.
• Those that take the opportunity to engineer or integrate an IoT solution/platform with the intent to potentially incorporate industry standards or risk-driven security features into their IoT solutions or supporting ecosystem.

The following recommendations can help companies decide where they stand in terms of IoT security, and what they need to do going forward.

Review the Security of Existing IoT Solutions

Companies that have already implemented an IoT solution should undergo an independent review to determine the resilience of their existing IoT environment. This requires them to:

• Perform threat modeling at each security layer, including devices, gateways, and the connected cloud/IT infrastructure.
• Gather insights from the threat modeling; perform a tailored penetration test to assess vulnerabilities at each layer. The choice of static or dynamic analysis can be based on the availability of code.[14]
• Review common attack surfaces, such as the communication protocol, authentication between endpoints, fail-safe devices, and the exposures associated with the hosting infrastructure, such as the gateways.
• Enumerate attack routes, such as physical access points, communication channels, connecting applications, interfaces, and consuming services. Figure 6 illustrates this point using two common industries, utilities (smart meters) and automotive (connected cars), as examples. This assessment should be tailored to each attack point in the respective layers.
Figure 6: Enumerate Attack Routes (Source: Cognizant)
Attack Points | Smart Meters | Connected Cars
Physical Access | Disassembling to gain access to electronic components, communication buses | Access to CAN/LIN networks; access through OBD connectors
Communication Channels | Zigbee, Zwave, 6LowPAN | 3G/4G, Wifi, BLE, Satellite Radio, RBDS
Connecting Applications, Interfaces | Metering and control applications, mobile applications | Mobile apps, media players, iPod, AUX, USB, SD cards
Consuming Services | Web services, RESTful APIs, cloud/data aggregation IoT platforms | Vendor platforms, open platforms (maps, navigation, weather)

Embed Security Throughout the Lifecycle

Organizations betting heavily on an IoT solution/appliance can improve their odds of success by focusing on security from the ideation stage. This can be done with a thoughtfully considered set of alternatives for authentication, data management, and control, keeping in mind the context of the IoT devices' physical operating boundaries, as well as the dependencies and independent factors governing them. This inside-out approach should consider the following parameters:

• Secure boot and hardware-based security controls: The choice of microcontroller; the possibility of having trusted platform modules for segregating secure operations; the use of specialized security chips/coprocessors; and the application of cryptographic modules in line with standards such as FIPS 140-2[15] determine the longevity of a design and the resilience of the finished product over time.

• Device authentication and secure data management: The sophistication of authentication mechanisms is largely related to the choice of hardware and specifications. Authentication form factors (shared keys, user name/passwords, certificates, etc.) and current protocols (CoAP,[16] Z-Wave,[17] Bluetooth, etc.) are consolidating. Enterprises should develop strong device identification and authentication processes to ensure that only authenticated IoT devices are integrated with their centralized network. Extending this further, companies should ensure that devices have authorization restrictions and use encryption to secure code and data. Organizations should limit the data they collect and retain, and dispose of it once they no longer need it, since unprotected data can provide attackers with ways to jeopardize IoT networks. Placing data defenses near data sources will help reduce/eliminate the risks emanating from compromised data.

• Policy framework for governance: A sound governance policy is critical for effectively managing devices, people, information, and other entities within an IoT environment.
Device binaries should include signatures that identify them to a common gateway policy engine, and govern the devices throughout their lifecycle – from registration, to key management, OTA, and data communication across the enterprise. Protocols such as OAuth 2.0[18] should be used as guidelines for securely sharing information.

• Secure OTA updates: Performing OTA (over-the-air) updates is one of the most challenging elements of a robust product/solution. The process involves three distinct phases: secure production of the OTA bits, secure transport, and updating the bits on the target device. Updating binaries should take into account practical challenges, such as network bandwidth, the security of the adopted channels (open, proprietary), and the time it will take to complete an update. Secure OTA binaries can employ basic Public-Key Cryptography Standards (PKCS) for secure packaging and messaging. This is key, since updated endpoint security software is necessary to keep IoT devices from being compromised.

• Secure remote access: Malicious attackers often target the most obvious vulnerabilities – weak admin credentials, open ports, and unpatched operating systems – to gain remote access. Companies should focus on improving the resilience of these assets by carefully considering and strengthening their communication protocols, key management (and rotation) strategy, and their ability to restore a compromised device to an uncompromised state in the event of a security breach.

• Fail safe/self-awareness: Enterprises should consider both external and extraneous factors such as weather and human actions (deliberate or inadvertent), which add dimensions to conventional threat modeling. Equipping IoT devices with contextual intelligence helps in building self-awareness. This oft-repeated software design principle comes in very handy in the connected world, particularly since the context imposed on these devices is far more demanding than on a typical software system. While advanced machine learning and artificial intelligence are still not commonplace, improvements in processing power and protocol standardization enable devices to fail safely and in context.

• Layered security design: Finally, organizations should deploy security at all layers of IoT interactions, such as the device, app, and network layer (see Figure 7). Enterprise IoT security can be bolstered by using multiple layers of security, including security protocols, authentication/encryption, intrusion detection/prevention systems, and firewalls. Positioning security mechanisms at each layer helps protect the overall network with safeguards at the device layer, ensures the integrity and security of data in transit over public communication networks, and secures data in the cloud.
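The three OTA phases described above, as an added example that is not part of the Cognizant report: a manifest (version plus SHA-256 digest of the image) is signed on the vendor's build host, and the device verifies signature, digest and version before committing the update. The manifest layout, the Ed25519 scheme used here in place of the PKCS packaging the report mentions, and the version field for anti-rollback are assumptions for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// OTAManifest describes one firmware image (constructed layout for this
// example). Only the manifest is signed; the image is bound to it by digest.
type OTAManifest struct {
	Version   uint32   // monotonically increasing; used for anti-rollback
	ImageHash [32]byte // SHA-256 of the firmware image bytes
	Signature []byte   // Ed25519 signature over Version || ImageHash
}

// manifestBytes is the exact byte sequence that is signed and verified.
func manifestBytes(version uint32, imageHash [32]byte) []byte {
	buf := make([]byte, 4, 4+32)
	binary.BigEndian.PutUint32(buf, version)
	return append(buf, imageHash[:]...)
}

// BuildOTA is phase 1 (secure production of the OTA bits). It runs on the
// vendor's signing host; the private key never leaves that host.
func BuildOTA(priv ed25519.PrivateKey, version uint32, image []byte) OTAManifest {
	h := sha256.Sum256(image)
	return OTAManifest{
		Version:   version,
		ImageHash: h,
		Signature: ed25519.Sign(priv, manifestBytes(version, h)),
	}
}

// Device holds only the vendor public key (provisioned at manufacture) and
// the firmware version it currently runs.
type Device struct {
	VendorPub        ed25519.PublicKey
	InstalledVersion uint32
}

var (
	ErrBadSignature = errors.New("manifest signature invalid")
	ErrHashMismatch = errors.New("image hash does not match signed manifest")
	ErrRollback     = errors.New("update version is not newer than installed")
)

// ApplyOTA is phase 3 (updating the bits on the target). Phase 2, the
// transport, is treated as untrusted, so every check runs before any write.
func (d *Device) ApplyOTA(m OTAManifest, image []byte) error {
	// Authenticity: the manifest must be signed by the vendor key.
	if !ed25519.Verify(d.VendorPub, manifestBytes(m.Version, m.ImageHash), m.Signature) {
		return ErrBadSignature
	}
	// Integrity: the image must be the one the signed manifest describes.
	if sha256.Sum256(image) != m.ImageHash {
		return ErrHashMismatch
	}
	// Anti-rollback: refuse downgrades to older, possibly vulnerable builds.
	if m.Version <= d.InstalledVersion {
		return ErrRollback
	}
	d.InstalledVersion = m.Version // commit only after all checks pass
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	dev := &Device{VendorPub: pub, InstalledVersion: 7}
	image := []byte("constructed firmware image v8") // constructed sample input
	m := BuildOTA(priv, 8, image)
	fmt.Println("genuine:", dev.ApplyOTA(m, image))
	fmt.Println("tampered:", dev.ApplyOTA(m, append(image, 'x')))
	fmt.Println("replay:", dev.ApplyOTA(m, image))
}
```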
Figure 7: Security at Multiple Layers of IoT Interactions (Source: Cognizant)

Device Layer
• Secure booting: Authenticity and integrity of software on the device.
• Device authentication: Machine authentication allows a device to access networks based on credentials from a secured storage area.

App Layer
• Access control: Mandatory Access Control (MAC) or Role Based Access Control (RBAC) to ensure minimal access limited to a component.
• App data: Integrity and confidentiality of application data.

Network Layer
• Firewalling and IPS: Industry-specific protocol filtering and deep packet inspection capabilities are needed to identify malicious payloads hiding in non-IT protocols.
• Security Information & Event Monitoring (SIEM): Integration with network management and event correlation products.
• Signaling integrity: Ensuring the signal quality between various devices.
• Datagram & signaling confidentiality: Maintaining UDP and electrical communication confidentiality.

Diagram labels: Device Layer (Secure Booting, Device Authentication, Device Integrity); App Layer (Access Control, App Data Integrity, App Data Confidentiality); Network Layer (Signaling Integrity, Datagram & Signaling Confidentiality, SIEM, Network Authentication).

GETTING THERE

The Internet of Things promises to change the way enterprises operate, communicate, and compete. Yet along with their many advantages, IoT environments are highly visible and vulnerable to security breaches at various layers. To prevent and deflect these intrusions, companies must build in security from the very beginning – remembering that the Internet of Things involves both physical and virtual operating perimeters that must be properly governed and protected throughout the IoT ecosystem.
FOOTNOTES

1 "Securing the internet of things," Economist Intelligence Unit and Hewlett Packard Enterprise, April 2016. https://hpe-enterpriseforward.com/eiu-securing-iot/
2 "Unlocking the potential of the Internet of Things," McKinsey Global Institute, June 2015. http://www.mckinsey.com/business-functions/digital-mckinsey/our-insights/the-internet-of-things-the-value-of-digitizing-the-physical-world
3 "Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016," Gartner, April 25, 2016. http://www.gartner.com/newsroom/id/3291817
4 "Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016," Gartner, April 25, 2016. http://www.gartner.com/newsroom/id/3291817
5 "A primer on enterprise Internet of Things security planning," The Economist, April 12, 2016. http://samsungbusiness.economist.com/a-primer-on-enterprise-internet-of-things-security-planning/
6 "The Internet of Things isn't coming. It's here." ForeScout, June 2016. https://www.forescout.com/wp-content/uploads/2016/06/ForeScout-Webtorials-IoT-Security-Survey-Results-June-2016.pdf
7 "Internet of Things: Features, Challenges, and Vulnerabilities," International Journal of Advanced Computer Science and Information Technology, Vol. 4, No. 1, 2015. https://pdfs.semanticscholar.org/ab0a/90ddd8208234e7335b1cc175b49461c2bae5.pdf
8 "Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016," Gartner, April 25, 2016. http://www.gartner.com/newsroom/id/3291817
9 "Securing the internet of things," Economist Intelligence Unit and Hewlett Packard Enterprise, April 2016. https://hpe-enterpriseforward.com/eiu-securing-iot/
10 "Secure IoT as It Advances through Maturity Phases," Forrester and Cloudera, January 2016. https://www.cloudera.com/content/dam/www/static/documents/analyst-reports/forrester-secure-iot-as-it-advances-through-maturity-phases.pdf
11 "Survey Identifies Internet of Things (IoT) Security Challenges for the Connected Enterprise," ForeScout, June 2016. https://www.forescout.com/company/news/press-release/survey-identifies-internet-things-iot-security-challenges-connected-enterprise/
12 "3 Best Practices for protecting against IoT cross-contamination risks," The Economist, April 2016. http://samsungbusiness.economist.com/3-best-practices-for-protecting-against-iot-cross-contamination-risks/
13 "Survey Identifies Internet of Things (IoT) Security Challenges for the Connected Enterprise," ForeScout, June 2016. https://www.forescout.com/company/news/press-release/survey-identifies-internet-things-iot-security-challenges-connected-enterprise/
14 Static code analysis is done without executing any of the code; dynamic code analysis relies on studying how the code behaves during execution. September 2010, www.computerweekly.com
15 The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140-2) is a U.S. government computer security standard used to approve cryptographic modules. https://en.wikipedia.org/wiki/FIPS_140-2
16 The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. http://coap.technology/
17 The Z-Wave protocol is an interoperable, wireless, RF-based communications technology designed specifically for control, monitoring and status reading applications in residential and light commercial environments. http://z-wavealliance.org/about_z-wave_technology/
18 OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices. https://oauth.net/2/
19 "Security In The Internet of Things," Wind River Systems, Inc., 2015. https://www.windriver.com/whitepapers/security-in-the-internet-of-things/wr_security-in-the-internet-of-things.pdf
AUTHOR & ANALYST
Aala Santhosh Reddy, Senior Researcher, Cognizant Research Center

SUBJECT MATTER EXPERT
Srinivasan Ganesh, Chief Architect – Technology, EBA-ERSS, Cognizant Corporation
World Headquarters: 500 Frank W. Burr Blvd., Teaneck, NJ 07666 USA. Phone: +1 201 801 0233. Fax: +1 201 801 0243. Toll Free: +1 888 937 3277.
European Headquarters: 1 Kingdom Street, Paddington Central, London W2 6BD, England. Phone: +44 (0) 20 7297 7600. Fax: +44 (0) 20 7121 0102.
India Operations Headquarters: #5/535 Old Mahabalipuram Road, Okkiyam Pettai, Thoraipakkam, Chennai 600 096, India. Phone: +91 (0) 44 4209 6000. Fax: +91 (0) 44 4209 6060.

© Copyright 2017, Cognizant. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the express written permission from Cognizant. The information contained herein is subject to change without notice. All other trademarks mentioned herein are the property of their respective owners. TL Codex 2465

ABOUT COGNIZANT
Cognizant (NASDAQ-100: CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 230 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.