Securing IoT in the enterprise is complex because of the varying IoT devices and their diversity in form, function and purpose. While some IoT devices like smart devices may have some form of memory and computing, therefore operating system, others like sensors and telemetry modules merely capture data and pass this to other technologies in the workflow.
It is this diversity of form, function and technology, and the proliferation of multiple standards or protocols that has limited the ability of IT and security teams to integrate the security of IoT technologies into the enterprise.
According to Amit Bareket, VP for Secure Service Edge at Check Point Software Technologies, the challenge lies in the transformation of corporate networks due to mobility and cloud computing. He explained that this shift has redefined the Internet as the new corporate network.
“Employees accessing cloud resources from outside the office necessitates opening up corporate resources to the internet, introducing significant security risks,” he added. “Traditional network security measures are often inadequate in this new landscape.
“There's a pressing need to rethink security strategies to effectively mitigate various cyber threats, as evidenced by recent high-profile attacks like the oil pipeline incident in the United States. This shift will undoubtedly remain a top priority for every CIO and CISO over the next five years.”
Amit Bareket
Securing OT is not that easy
Bareket commented that part of the security challenge lies in the sheer number of devices that need to be connected to the network. Finding all the devices remains a challenge, he opined.
Reflecting on the transitions many organisations had to undergo during the COVID-19 pandemic, he pointed out that the rapid transformation caught many off guard. He cited the global shutdowns that occurred during the pandemic.
“Suddenly, businesses that never envisioned remote operations have to thrust themselves into a new reality where remote work became the norm almost overnight,” he commented. “This abrupt shift left CIOs and CISOs grappling with uncertainty: Would we revert to the old ways, or was this the new normal? It became increasingly clear that remote work was here to stay, challenging our preconceptions about the pace of change.”
He added that what was initially projected to take 5—10 years unfolded within a single year. “I think today we stand in a strong position with robust solutions to meet the demands of this new landscape,” he continued.
SASE to the rescue
Secure Access Service Edge (SASE) is the convergence of connectivity and security helping organizations to achieve a consistent security posture by implementing a decentralised concept where security is provided directly at the source, with the management of all involved components done in the cloud. Bereket says SASE is just a secure network over the internet. SASE is a secure network infrastructure over the internet, encompassing various components such as users, cloud resources, and IoT devices.
Unlike traditional endpoints, IoT devices cannot typically accommodate agent or app installations, necessitating a network-level approach to security. He used Check Point's integration with SD-WAN devices and gateways as an example claiming it facilitates the creation of a unified network under the SASE platform.
“This integration provides visibility into IoT devices and enables security enforcement at the network level. Check Point's IoT security features, including device discovery and policy enforcement, play a crucial role in securing these devices within the SASE framework,” he continued.
SASE promises to bring IoT into the security framework of the organisation.
Asked whether IT leaders have heard the SASE story and are incorporating the technology into the overall network architecture he opined it has already happened.
“It’s evident that the internet is now the new corporate network. It is here to stay,” he started. He recalled a recent conversation with a major bank: “It was clear that they recognise this shift and understand that embracing solutions like SASE is inevitable,” he revealed.
“The pace of digital evolution will only accelerate, with forecasts from Gartner projecting a 30% year-over-year growth in the market for the next three years. By 2027, this market is expected to reach US$25 to US$28 billion from US$9 billion in 2024, further emphasising the significance of this shift in networking and security paradigms,” he concluded.
Click on the PodChat player and listen to Bareket elaborate on the intersection of IoT and SASE in OT security.
- What are the top challenges faced in OT security in 2024?
- What are the key components of OT security?
- For a long time, the security of operational technology has been kept out of the IT portfolio. Given the recent rise in attacks against critical and industrial systems, do you see a convergence of IT and OT security and who will lead the charge?
- How does IoT fit into SASE (and vice versa)?