Threats to IoT deployments grew significantly in 2021. According to Sectrio’s threat research team, the volume of complex cyberattacks on various IoT projects grew by a staggering 400 percent in the January to November time period of 2021. This is a cause for concern and highlights the need to act immediately to protect against such attacks, secure assets, and work towards shrinking the available threat surfaces.
Why will IoT security draw more attention in 2022?
Based on the data we are analyzing from our global honeypot network, attacks on IoT devices continue to grow. We are also expecting new forms of ransomware and breach tactics to be deployed to destabilize IoT deployments in the next 90-120 days based on the malware development cycles we have seen in the past.
Here are a few steps that we recommend you can take to secure your IoT infrastructure in 2022:
- Buy devices from authorized and credible suppliers only. This includes everything from CCTV cameras to monitoring and management devices. The supplier should ideally provide visibility into their supply chains including the suppliers and countries from where components are procured
- Perimeter-based security is passe: your data and assets need to be secured through a zero-trust policy wherein trust are granted for a session only after credentials are established before a transaction. No device will have permanent access to any part of the network
- Voluntarily adopt stringent standards: while IEC 62443, NERC CIP, NIST standards, and standards proposed by regional regulators can be adopted at level one, nothing should stop your organization from going well beyond these mandates to improve your compliance posture
- Conduct a cybersecurity self-assessment run once a month to see how you are doing on various IoT security parameters and to figure out how you can improve.
- Build cybersecurity plans that are at a unit level (device), assembly level (aggregation of connected systems), communications (network), storage (cloud)
- Work with vendors who give maximum IoT cybersecurity coverage for your unique protocols and device, and data eco-system
- Sensitize employees and other stakeholders on security issues
- Let your SIEM work with threat intelligence that is specific to your industry and business context
- Scale up your IoT security measures by having regular conversations with all stakeholders
Download our compliance kits to jump start your IoT security journey with the right steps
Talk to our cybersecurity experts to learn how Sectrio’s IoT security solution and threat intelligence can help your business