Building a sustainable and secure iot network, with Diana Kelley
Diana Kelley, Cybersecurity Field CTO, Microsoft, will participate to the re-designed European Security Forum, to be held next September 15th and 16th, 2020. The event will take place in parallel of ICT Spring, at the European Convention Center Luxembourg.
What are the main challenges of building a sustainable and secure IoT network?
The first challenge would be managing the legacy/brownfield deployments already in existence. Then, it’s all about finding solutions that cover IoT security holistically through hardware, software, and management security. Finally, a key challenge is to ink governance and security monitoring from the OT network (often running the IIOT and IOT devices) to the IT network .
What are the first steps? How important is it to follow a specific agenda?
Here they are:
• understand what you have - Inventory and document the IOT environment and topology,
• determine what you need - What new devices or services are required? What regulatory requirements must be met?
• and build a plan - To manage the existing infrastructure security and prepare for future growth.
Once the IoT is secure, what should operators do in order to keep it secure?
It is crucial to keep all hardware and software up to date and patched. Also, operators need to always change default logins/passwords on new and existing devices, while not re-using password across devices. And obviously, they have to monitor for attacks and indicators of compromise.
What about business continuity and reporting?
To ensure continuity, a component monitoring should be focused on health of device (for instance, is it overheating? Does it need to be refilled/recharged?
And devices should be able to report on SOH or connected to systems that can report on SOH for the device.