Getting in front of the IoT trend
By Russell Skingsley, Juniper Networks Vice President of APAC Systems Engineering
Companies that do not get in front of the Internet of Things (IoT) trend, will be overwhelmed by skyrocketing cybersecurity costs, due to huge influx of new connected technologies.
According to Russell Skingsley, vice president of APAC systems engineering and center of excellence from Juniper Networks, “Companies need to ensure that the performance of their security infrastructure is capable of managing the increased bandwidth that will come with these new devices and connections coming online.”
No doubt, special attention should be paid to companies building cloud infrastructure, which will be the backbone of many of these services.
“Companies will need to determine what security controls should be put in place to govern these new devices in corporate environments. Similar to how Bring Your Own Device (BYOD) is being managed today, companies must ensure now that they have the proper tools to quickly provision and manage new IoT connections as they enter their networks,” he explained.
Designing BYOD policies
Organisations could restrict the network connection of non-computer devices (e.g. smart phones, thermostats, and intelligent appliances) by enforcing BYOD policies. This has the effect of reducing the number of devices that offer a foothold into the overall network, thereby raising external hardness and lowering the likelihood of a successful cyber-attack.
SSkingsley said, “Strict rules on device management might not fit for either a company whose external hardness is very high or one whose external hardness is very low, by way of being very large and thus connecting so many computers to its networks that one of them is almost certain to have been breached.”
That said, organisations that have tackled their cybersecurity problems by their use of tools have a correspondingly lower requirement for tough BYOD/smart device policies.
Security at the network layer and beyond
attackers are constantly developing countermeasures to new detection systems. There is no one-size-fits-all in the proper mix of investments and steps companies can take. The optimal number of security tools, training to offer employees, management of personal devices and which networks need to be segmented from the Internet varies greatly from company to company.
Skingsley recommended, “As such, companies need a better way to start managing security like a business with better metrics to determine return on managing risk to investment or RROI, versus just having security technologies in place or counting threats.
“They also need to constantly evaluate the lifecycle and effectiveness of their programmes, similar to how one would manage a stock portfolio for business.”
Network security still has a major role securing an organisation during the massive hammering that is about to come down upon its networks in the near future.
Skingsley concluded, “To this end, ensuring strong network security at the level of desired performance has been a challenge for many organisations. Customers value high performance without compromising network security, and downtime is not an option for organisations’ security solutions.”