i-PRO Shares IoT Pillars of Cybersecurity for Cybersecurity Awareness Month

i-PRO Shares IoT Pillars of Cybersecurity for Cybersecurity Awareness Month

Featuring four pillars that should be the foundation of any IoT security program

  • Oct 04, 2022

i-PRO Co., Ltd is proud to join with the Department of Homeland Security Cyber and Infrastructure Security Agency (DHS CISA) to raise awareness around cybersecurity for NCSAM (National Cyber Security Awareness Month). The world has seen significant increases in cyber-attacks aimed at critical infrastructure and security products in the last few years, with IIoT (Industrial Internet of Things) devices such as security cameras, becoming prime targets for hackers.

According to a Kaspersky analysis of its telemetry from honeypots shared with Threatpost, in first half of 2021 alone, there were over 1.5 billion IoT breaches. This statistic is just the recorded number, meaning the actual number is probably much higher. It is clear that IoT and IIoT manufacturers must do more to help secure these devices and educate the market on security best practices.
 
i-PRO focuses on what the company believes are the four core tenets (or pillars) that should be the foundation of any IoT security program. The four pillars are resiliency, cyber hygiene, product security, and proper configuration.
 
Four Pillars of Cybersecurity for IoT Devices
 
Resiliency
The first pillar focuses on resiliency, which simply put means that your IoT device or security system will be there when you need it the most. Will your security system work during a power outage, severe weather, communication disruption (telephone or internet outage), or cyber-attack? Questions like this will help your organization determine if your devices are resilient. One of the toughest challenges in achieving true resiliency is marrying physical security and cybersecurity together.

Cyber Hygiene
Cyber Hygiene is concerned with the care and maintenance of IoT devices. When was the last time you updated your IoT firmware or software? Do you have an inventory of all IoT devices on your network? Are you using strong passwords or authentication for your IoT devices? Did you ever change the default passwords on your IoT devices? These questions will give you a sense of your cyber hygiene. IoT devices must be updated and inventoried just like any other device on the network. Often they overlooked or forgotten about once deployed.
 
Product Security
Product security refers to the security features on the device itself. Many IoT devices, especially cheap ones or devices made by fly-by-night companies, do not build security features into their devices. We recommended purchasing devices from reputable companies that will fix security flaws as they are reported. Some of the security features to look for in an IoT device are encryption (protecting usernames, passwords, and device traffic), authentication (does the device ensure that it only takes instructions for an authenticated source), and the support of secure network standards like 802.1x.
 
Proper Configuration
While the security features of an IoT device are important, they become pointless if they are not configured or set up properly. Proper configuration focuses on ensuring the devices have the security features turned on, and turning off any features that aren’t in use, but it also includes making sure that the network is set up properly. Often these IoT devices are hacked because attackers can get to the devices in the first place, one way to help with that is by ensuring that your IoT devices are not visible from the internet. This can be done by properly configuring the network and using network security best practices such as network segmentation.

“Over the next few weeks, i-PRO will release more detailed explanations of each pillar and best practices as part of its blog series on the topic. https://i-pro.com/global/en/surveillance/news  (click on Blog under News and Events)

“Over the next few weeks, i-PRO will release more detailed explanations of each pillar and best practices as part of its blog series on the topic. https://i-pro.com/global/en/surveillance/news  (click on Blog under News and Events)

Featured

  • New Report Reveals Top Security Risks for U.S. Retail Chains

    Interface Systems, a provider of security, actionable insights, and purpose-built networks for multi-location businesses, has released its 2024 State of Remote Video Monitoring in Retail Chains report. The detailed study analyzed over 2 million monitoring requests across 4,156 retail locations in the United States from September 2023 to August 2024. Read Now

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3