safeguarding the internet of things - cognizant · cognizant reports safeguarding the internet of...
TRANSCRIPT
Cognizant Reports | May 2017
Safeguarding the Internet of Things
While the Internet of Things promises real-time operational benefits, vulnerabilities can be easily exploited unless security is embedded from the inside out – from conception, deployment, and maintenance, to the network edge and across connected devices and infrastructures.
COGNIZANT REPORTS
Cognizant Reports
Safeguarding the Internet of Things | 2
EXECUTIVE SUMMARY
The rapid growth of the Internet of Things (IoT) has left enterprise networks and IoT
devices extremely vulnerable to security breaches. Although this threat looms large for
companies deploying IoT applications and infrastructures, most organizations’ security
budgets do not account for securing their IoT subnetworks. That’s because current
IoT devices and infrastructures are not equipped to avert today’s sophisticated attack
methods. The heterogenous nature of device software, insufficient monitoring, and a
lack of visibility into IoT devices only add to the complexity of safeguarding enterprise
IoT ecosystems. At the same time, investing in highly secure IoT-based infrastructure can
deliver a range of significant benefits, including:
• Higher revenues from new business models.
• Lower operational costs through optimized processes and seamless business operations.
• Immediate access to clean, meaningful, and highly accurate data.
• A superior user experience.
To develop such an infrastructure, organizations need to build in security at every stage –
from application conception and design, to deployment, operations, maintenance, upgrades,
and retirement. Companies that have already implemented an IoT solution can consider
an outside-in approach by undergoing an independent review of their infrastructure that
includes:
• Threat modeling across all security layers.
• Tailored penetration testing and vulnerability assessment.
• Review of common attack surface areas.
Organizations that want to identify vulnerabilities and improve their security stance from
the beginning should consider an inside-out approach that focuses on ensuring that key
elements are embedded in their IoT solution:
• Secure boot and hardware-based security controls.
• Device authentication and secure data management.
• A policy framework for governance.
• Secure, over-the-air (OTA) updates.
• Secure remote access.
• Fail safe/self-awareness.
• A layered security design.
Cognizant Reports
Safeguarding the Internet of Things | 3
Cognizant Reports
THE STATE OF IOT SECURITY
The Internet of Things (IoT) is growing at a stunning pace – expected to account for 28.1 billion con-
nected devices by 2020 (see Figure 1).1 From an economic standpoint, linking the physical and digital
worlds could generate up to $11.1 trillion a year by 2025.2 Organizations that are using or plan to use
the IoT will have to ensure that all IoT devices connected to their networks are highly secure; other-
wise, they can be a potential entry point for network intrusions.
Projected Number of IoT Connected Devices: 2015-2020
(billions)
13.1
16.3
19.2
22.2
25.2
28.1
2015 2016 2017 2018 2019 2020
Figure 1
Source: IDC, Worldwide and Regional IoT Forecasts, 2015 via Economist
According to Gartner, spending on IoT security is expected to reach $547 million in 2018,3 almost
double the $281.54 billion expended in 2015. Gartner also predicts that by 2020 more than 25% of
identified enterprise security breaches will involve the Internet of Things. Yet the IoT will account
for less than 10% of IT security budgets.4 Research indicates that a majority of IoT devices, such
as SCADA systems, medical devices, critical infrastructure components, smart meters, and appli-
ances, have insufficient security mechanisms. Furthermore, less than one-third use encryption to
protect vital systems and safeguard the data coursing through their networks.5 Poor communica-
tion between IT teams and the low priority accorded to securing IoT data by top-level management
are also proving to be major impediments to adequately safeguarding enterprise IoT environments
(see Figure 2, next page).6
Cognizant Reports
Safeguarding the Internet of Things | 5
ENTERPRISE IOT SECURITY CHALLENGES
The very nature of IoT infrastructures poses
numerous challenges to companies securing
their IoT installations:
Device & Infrastructure Vulnerabilities
Because IoT infrastructures rely on both physical
and virtual components, risks and vulnerabilities
are compounded. This can overwhelm security
administrators. Most IoT devices typically oper-
ate outside organizational firewalls, yet connect
directly to companies’ internal networks and
applications – significantly increasing their vul-
nerability by extending the attack surface (i.e.,
the number of unprotected devices that attackers
can target). Unprotected IoT devices in a network
can be converted into bots by attackers, then
used to attack third-party systems and extract
data from communication channels.7 Gartner
says that security vendors will be challenged to
provide usable IoT security features because of
the limited assigned budgets for IoT, and orga-
nizations’ decentralized approach to early IoT
implementations.8
IoT devices are predominantly single-purpose
tools; their function is governed by sensors and
the types of data they bring into an enterprise.
Unlike their more evolved IT counterparts (smart-
phones, desktops, and portable computers),
IoT devices’ processing and storage capacity is
strictly for functional purposes, and not intended
to handle heavy-duty computing tasks, such as
encryption, unless absolutely necessary (see
Figure 3). Otherwise, the devices become easy
Which of the Following Do You Believe Will be Your Organization’s One or Two Biggest Challenges Around IoT security?
41%
34%
34%
27%
25%
4%
IT and OT Functions Working Together – Example: Technology
Acknowledging IoT Devices – They are around and need to be secured
Allocating Budget for Security for IoT Devices
Solution Availability – Which are industry approporiate
Lack of Personal Resources
Others
Figure 2
Source: Forescout, 2016
Top IoT Vulnerabilities
1 Unsecured Web Interface
2 Insufficient Authentication/Authorization
3 Unsecured Network Services
4 Lack of Transport Encryption/
Integrity Verification
5 Privacy Concerns
6 Unsecured Cloud Interface
7 Unsecured Mobile Interface
8 Insufficient Security Configurability
9 Unsecured Software/Firmware
10 Poor Physical Security
Figure 3
Source: www.owasp.org
Safeguarding the Internet of Things | 6
targets for potential hackers looking for the
weakest link in the enterprise (see Figure 4).9
As they evolve, IoT devices are expected to take
on more complex tasks related to data collec-
tion, communication, and analysis, which will
enhance their autonomous decision-making
capabilities.10
Yet if left unprotected and without
sufficient security controls, they will become
the target of choice for attackers looking to
steal raw and processed data (see Figure 5). The
ease and effort involved in rectifying this issue
Cognizant 20-20 Insights
Percentage of Devices Vulnerable to Cyber-Penetration
80%
80%
70%
70%
60%
Failed to require adequate password protection
Raised serious privacy concerns
Enabled hackers to identify user accounts
Did not encrypt data to the Internet or local network
Did not use encryption when downloading software
Figure 4
Source: Hewlett Packard Enterprise Security Research, 2015 via Economist.Devices came from manufacturers of TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers. All devices used mobile connections, and the majority were connected to a cloud service.
Risks Increase as the IoT Matures
Phase
Function Dumb Basic Smart Semi-Autonomous Fully Autonomous
Data Collection No Data No-Risk Data Moderate-Risk Data High-Risk Data
Data Analysis No Analysis No Analysis Cloud Analysis Cloud + On-Device
Decision Making No Decisions Human-Controlled Cloud-Based Cloud + On-Device
Communications No Communications Cloud Read Cloud Read Write Machine-to-Machine
Potential Impact Limited Moderate High Critical
Figure 5
Source: Forrester and Cloudera
Cognizant Reports
Safeguarding the Internet of Things | 7
is directly proportional to the distance between
the “break-in” point and the edge device – the
entryway to enterprise networks, and where
data collection takes place, followed by data
analysis, policy decisions, communications, and
applications.
Software Heterogeneity
By design, an IoT infrastructure establishes
multiple connections – numbering in the bil-
lions – between things, people, and other entities.
Managing user permissions for these relation-
ships is already a major challenge. Each IoT
device comes with unique, manufacturer-supplied
software and services, which can expose gaps in
privacy, security, compliance, and transparency.
These vulnerabilities are not only difficult to
detect, they’re hard to resolve. Also, given these
devices’ limited processing power and storage,
running them on old and often unpatched oper-
ating systems only increases risk.
Software heterogeneity is evident in the vari-
ety of protocols currently used by companies
in industries that focus more on functionality
than security. For example, the z-wave proto-
col applies more to home automation and radio
frequency-type devices, while MQTT or AMQP
protocols are more suited to middleware for
enterprise-grade devices. Since the identity of
a device is the focal point of IoT security chal-
lenges, standardizing protocols and applications
for industries and contexts is a fundamental
requirement when handling this level of diversity.
Poor Visibility & Monitoring
Securing any network requires that connected
devices be visible and manageable. Yet when it
comes to the Internet of Things, many organiza-
tions fail to extend their security policies to IoT
devices or gateways connected to home net-
works.11 Surprisingly, a 2014 study by Tripwire
and Atomik Research reveals that a majority
of employees who work in industries with criti-
cal infrastructures routinely access company
documents and e-mail from home, and on aver-
age had 11 IoT devices connected to their home
networks.12 A survey conducted by ForeScout
13
found that half of the IT professionals surveyed
lacked the ability to see, manage, and control
the IoT devices connected in their network.
This is largely due to the erratic adoption of
available protocols and proprietary customiza-
tions – rendering devices even more vulnerable.
The challenge is to develop a consistent policy
for exchanging and handling data securely within
and across devices – from discovery to authenti-
cation. Single-purpose devices tie themselves to
their respective provider apps or cloud platforms,
while general-purpose devices typically lack
the ability to improvise or integrate a common
authentication or policy-management solution to
monitor them.
SECURING AN ENTERPRISE IoT NETWORK
Organizations must understand the extent to
which IoT networks, related infrastructures, and
ecosystems can evolve. Looking through the
The challenge is to develop a consistent policy for exchanging and handling data securely within and across devices.
Cognizant Reports
Safeguarding the Internet of Things | 8
security prism at a high level, enterprises fall into
two broad categories:
• Those that have already implemented com-
mercial IoT solutions/vendor products, with
potential limitations concerning the level of
security supported natively by underlying
solutions.
• Those that take the opportunity to engineer
or integrate an IoT solution/platform with
the intent to potentially incorporate industry
standards or risk-driven security features into
their IoT solutions or supporting ecosystem.
The following recommendations can help com-
panies decide where they stand in terms of IoT
security, and what they need to do going forward.
Review the Security of Existing IoT Solutions
Companies that have already implemented an IoT
solution should undergo an independent review
to determine the resilience of their existing IoT
environment. This requires them to:
• Perform threat modeling at each security
layer, including devices, gateways, and the
connected cloud/ IT infrastructure.
• Gather insights from the threat modeling;
perform a tailored penetration test to assess
vulnerabilities at each layer. The choice of
static or dynamic analysis can be based on
the availability of code.14
• Review common attack surfaces, such as
the communication protocol, authentication
between endpoints, fail-safe devices, and the
exposures associated with the hosting infra-
structure, such as the gateways.
• Enumerate attack routes, such as physi-
cal access points, communication channels,
connecting applications, interfaces, and
consuming services. Figure 6 illustrates this
point using two common industries: utilities
(smart meters) and automotive (connected
cars) as examples. This assessment should
be tailored to each attack point in the respec-
tive layers.
Embed Security Throughout the Lifecycle
Organizations betting heavily on an IoT solution/
appliance can improve their odds of success by
focusing on security from the ideation stage. This
can be done with a thoughtfully considered set
of alternatives for authentication, data manage-
ment, and control, keeping in mind the context
Enumerate Attack Routes
Attack Points Smart Meters Connected CarsPhysical Access Disassembling to gain access
to electronic components, communication buses
Access to CAN/LIN networks; access through OBD connectors
Communication Channels Zigbee, Zwave, 6LowPAN 3G/4G, Wifi, BLE, Satellite Radio, RBDS
Connecting Applications, Interfaces
Metering and control applications, mobile applications
Mobile apps, media players, iPod, AUX, USB, SD cards
Consuming Services Web services, RESTful APIs, cloud/data aggregation IOT platforms
Vendor platforms, open platforms (maps, navigation, weather)
Figure 6
Source: Cognizant
Safeguarding the Internet of Things | 9
Enterprises should develop strong device identification and authentication processes to ensure that only authenticated IoT devices are integrated with their centralized network.
of the IoT devices’ physical operating boundar-
ies, as well as the dependencies and independent
factors governing them. This inside-out approach
should consider the following parameters:
• Secure boot and hardware-based security
controls: The choice of microcontroller; the
possibility of having trusted platform modules
for segregating secure operations; the use of
specialized security chips/coprocessors; and
the application of cryptographic modules in
line with standards such as FIPS 140-215
to
determine the longevity of a design and the
resilience of the finished product over time.
• Device authentication and secure data
management: The sophistication of authen-
tication mechanisms is largely related to
the choice of hardware and specifications.
Authentication form factors (shared keys,
user name/passwords, certificates, etc.) and
current protocols (CoAP,16
ZWave,17 Bluetooth,
etc.) are consolidating. Enterprises should
develop strong device identification and
authentication processes to ensure that only
authenticated IoT devices are integrated with
their centralized network.
Extending this further, companies should
ensure that devices have authorization
restrictions and use encryption to secure code
and data. Organizations should limit the data
they collect and retain, and dispose of it once
they no longer need it, since unprotected data
can provide attackers with ways to jeopardize
IoT networks. Placing data defenses near data
sources will help reduce/eliminate the risks
emanating from compromised data.
• Policy framework for governance: A sound
governance policy is critical for effectively
managing devices, people, information, and
other entities within an IoT environment.
Device binaries should include signatures that
identify them to a common gateway policy
engine, and govern the devices through-
out their lifecycle – from registration, to key
management, OTA, and data communica-
tion across the enterprise. Protocols such as
OAUTH218
should be used as guidelines for
securely sharing information.
• Secure OTA updates: Performing OTA (over-
the-air) updates is one of the most challenging
elements of a robust product/solution. The
process involves three distinct phases: secure
production of the OTA bits, secure transport,
Placing data defenses near data sources will help reduce/eliminate the risks emanating from compromised data.
Cognizant Reports
Safeguarding the Internet of Things | 10
and updating the bits on the target device.
Updating binaries should take into account
practical challenges, such as network band-
width, security of the adopted channels
(open, proprietary), and the time it will take
to complete an update. Secure OTA binaries
can employ basic Public Key Cryptographic
Standards (PKCS) for secure packaging and
messaging. This is key, since updated end-
point security software is necessary to keep
IoT devices from being compromised.
• Secure remote access: Malicious attackers
often target the most obvious vulnerabili-
ties – weak admin credentials, open ports, and
unpatched operating systems – to gain remote
access. Companies should focus on improv-
ing the resilience of these assets by carefully
considering and strengthening their com-
munication protocols, key management (and
rotation) strategy, and their ability to render
a compromised device to an uncompromised
state in the event of a security breach.
• Fail Safe/Self-Awareness: Enterprises should
consider both external and extraneous factors
such as weather and human actions (deliber-
ate or inadvertent), which add dimensions to
conventional threat modeling. Equipping IoT
devices with contextual intelligence helps
in building self-awareness. Using this oft-
repeated software design principle comes
in very handy in the connected world, par-
ticularly since the context imposed on these
devices is far more imposing than on a typi-
cal software system. While advanced machine
learning and artificial intelligence are still not
commonplace, improvements in processing
power and protocol standardization enable
devices to fail safely and in context.
Layered security design: Finally, organiza-
tions should deploy security at all layers of
IoT interactions, such as the device, app, and
network layer (see Figure 7). Enterprise IoT
security can be bolstered by using multiple
layers of security, including security protocols,
authentication/encryption, intrusion detection/
prevention systems, and firewalls. Positioning
security mechanisms at each layer helps protect
the overall network with safeguards at the device
layer, ensures the integrity and security of data in
transit over public communication networks, and
secures data in the cloud.
Companies should focus on improving resilience by carefully considering and strengthening their communication protocols, key management (and rotation) strategy, and their ability to render a compromised device to an uncompromised state in the event of a security breach.
Cognizant Reports
Safeguarding the Internet of Things | 11
Security at Multiple Layers of IOT Interactions
Security in Every Layer
Device Layer
Secure booting Authenticity and integrity of software on the device.
Device Authentication
Machine authentication allows a device to access networks based on credentials from a secured storage area.
App Layer
Access Control Mandatory Access Control (MAC) or Role Based Access Control (RBAC) to ensure minimal access limited to a component.
App Data Integrity and confidentiality of application data.
Network Layer
Firewalling and IPS Industry-specific protocol filtering and deep packet inspection capabilities are needed to identify malicious payloads hiding in non-IT protocols.
Security Information & Event Monitoring (SIEM)
Integration with network management and event correlation products.
Signaling Integrity Ensuring the signal quality between various devices.
Datagram & Signaling Confidentiality
Maintaining UDP and electrical communication confidentiality.
Figure 7
Cognizant
App DataIntegrity
AccessControl
App DataConfidentiality
App L
ayer
Networ
k Lay
er
SignalingIntegrity
DatagramSignalin
ConfidentialitySIEM
NetworkAuthentication
Device Layer
Secure Booting
Device Authentication
Device Integrity
GETTING THERE
The Internet of Things promises to change the way enterprises operate, communicate, and compete.
Yet along with their many advantages, IoT environments are highly visible and vulnerable to security
breaches at various layers. To prevent and deflect these intrusions, companies must build in security
from the very beginning – remembering that the Internet of Things involves both physical and virtual
operating perimeters that must be properly governed and protected throughout the IoT ecosystem.
Cognizant Reports
Safeguarding the Internet of Things | 12
FOOTNOTES
1 “Securing the internet of things,” April 2016, Economist Intelligence Unit and Hewlett Packard Enterprise. https://hpe-enter-
priseforward.com/eiu-securing-iot/
2 “Unlocking the potential of the Internet of Things,” McKinsey Global Institute, June, 2015. http://www.mckinsey.com/busi-
ness-functions/digital-mckinsey/our-insights/the-internet-of-things-the-value-of-digitizing-the-physical-world
3 “Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016,” Gartner, April 25, 2016. http://www.gartner.
com/newsroom/id/3291817
4 “Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016,” Gartner, April 25, 2016. http://www.gartner.
com/newsroom/id/3291817
5 “A primer on enterprise Internet of Things security planning,” The Economist, April 12, 2016. http://samsungbusiness.econo-
mist.com/a-primer-on-enterprise-internet-of-things-security-planning/
6 “The Internet of Things isn’t coming. It’s here.” ForeScout, June, 2016. https://www.forescout.com/wp-content/
uploads/2016/06/ForeScout-Webtorials-IoT-Security-Survey-Results-June-2016.pdf
7 “Internet of Things: Features, Challenges, and Vulnerabilities,” International Journal of Advanced Computer Science and
Information Technology, Vol. 4, No. 1, 2015. https://pdfs.semanticscholar.org/ab0a/90ddd8208234e7335b1cc175b49461c-
2bae5.pdf
8 “Gartner Says Worldwide IoT Security Spending to Reach $348 Million in 2016,” Gartner. April 25, 2016. http://www.gartner.
com/newsroom/id/3291817
9 “Securing the internet of things,” April, 2016. Economist Intelligence Unit and Hewlett Packard Enterprise. https://hpe-enter-
priseforward.com/eiu-securing-iot/
10 “Secure IoT as It Advances through Maturity Phases,” January, 2016. Forrester and Cloudera. https://www.cloudera.com/
content/dam/www/static/documents/analyst-reports/forrester-secure-iot-as-it-advances-through-maturity-phases.pdf
11 “Survey Identifies Internet of Things (IoT) Security Challenges for the Connected Enterprise,” June 2016, ForeScout, https://
www.forescout.com/company/news/press-release/survey-identifies-internet-things-iot-security-challenges-connected-enter-
prise/
12 “3 Best Practices for protecting against IoT cross-contamination risks,” April, 2016. The Economist, http://samsungbusiness.
economist.com/3-best-practices-for-protecting-against-iot-cross-contamination-risks/
13 “Survey Identifies Internet of Things (IoT) Security Challenges for the Connected Enterprise,” June, 2016. ForeScout. https://
www.forescout.com/company/news/press-release/survey-identifies-internet-things-iot-security-challenges-connected-enter-
prise/
14 Static code analysis is done without executing any of the code; dynamic code analysis relies on studying how the code
behaves during execution. September, 2010. www.computerweekly.com
15 The Federal Information Processing Standard (FIPS) Publication 140-2, (FIPS PUB 140-2) is a U.S. government computer secu-
rity standard used to approve cryptographic modules. https://en.wikipedia.org/wiki/FIPS_140-2
16 The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and
constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as
smart energy and building automation. http://coap.technology/
17 The Z-Wave protocol is an interoperable, wireless, RF-based communications technology designed specifically for control,
monitoring and status reading applications in residential and light commercial environments. http://z-wavealliance.org/
about_z-wave_technology/
18 OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop
applications, mobile phones, and living room devices. https://oauth.net/2/
19 “Security In The Internet of Things,” 2015, Wind River Systems, Inc. https://www.windriver.com/whitepapers/security-in-the-
internet-of-things/wr_security-in-the-internet-of-things.pdf
Cognizant Reports
Safeguarding the Internet of Things | 13
AUTHOR & ANALYST
Aala Santhosh ReddySenior Researcher Cognizant Research Center
Srinivasan GaneshChief Architect – Technology EBA-ERSS Cognizant Corporation
SUBJECT MATTER EXPERT
World Headquarters
500 Frank W. Burr Blvd.Teaneck, NJ 07666 USAPhone: +1 201 801 0233Fax: +1 201 801 0243Toll Free: +1 888 937 3277
European Headquarters
1 Kingdom Street Paddington Central London W2 6BD EnglandPhone: +44 (0) 20 7297 7600 Fax: +44 (0) 20 7121 0102
India Operations Headquarters
#5/535 Old Mahabalipuram RoadOkkiyam Pettai, ThoraipakkamChennai, 600 096 IndiaPhone: +91 (0) 44 4209 6000Fax: +91 (0) 44 4209 6060
© Copyright 2017, Cognizant. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any means,electronic, mechanical, photocopying, recording, or otherwise, without the express written permission from Cognizant. The information contained herein is subject to change without notice. All other trademarks mentioned herein are the property of their respective owners.
TL Codex 2465
ABOUT COGNIZANT
Cognizant (NASDAQ-100: CTSH) is one of the world’s leading professional services companies, transforming clients’ business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innova-tive and efficient businesses. Headquartered in the U.S., Cognizant is ranked 230 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.