By Dr. May Wang, CTO of IoT Security at Palo Alto Networks and the Co-founder, Chief Technology Officer (CTO), and board member of Zingbox

At the foundation of cybersecurity is the need to understand your risks and how to minimize them. Individuals and organizations often think about risk in terms of what they’re trying to protect. When talking about risk in the IT world, we mainly talk about data, with terms like data privacy, data leakage and data loss. But there is more to cybersecurity risk than just protecting data. So, what should our security risk management strategies consider? Protecting data and blocking known vulnerabilities are good tactics for cybersecurity, but those activities are not the only components of what CISOs should be considering and doing. What’s often missing is a comprehensive approach to risk management and a strategy that considers more than just data.

The modern IT enterprise certainly consumes and generates data, but it also has myriad devices, including IoT devices, which are often not under the direct supervision or control of central IT operations. While data loss is a risk, so too are service interruptions, especially as IoT and OT devices continue to play critical roles across society. For a healthcare operation, for example, a failure of a medical device could lead to life-or-death consequences.

Challenges of Security Risk Management

Attacks are changing all the time, and device configurations can often be in flux. Just like IT itself is always in motion, it’s important to emphasize that risk management is not static.

In fact, risk management is a very dynamic thing, so thinking about risk as a point-in-time exercise is missing the mark. There is a need to consider multiple dimensions of the IT and IoT landscape when evaluating risk. There are different users, applications, deployment locations and usage patterns that organizations need to manage risk for, and those things can and will change often and regularly.

There are a number of challenges with security risk management, not the least of which is the sheer size and complexity of the IT and IoT estate. CISOs today can easily be overwhelmed by information and by data coming from an increasing volume of devices. Alongside the volume is a large variety of different types of devices, each with its own particular attack surface. Awareness of all IT and IoT assets and the particular risk each one can represent is not an easy thing for a human to accurately document. The complexity of managing a diverse array of policies, devices and access controls across a distributed enterprise, in an approach that minimizes risk, is not a trivial task.

A Better Strategy to Manage Security Risks

Security risk management is not a single task, or a single tool. It’s a strategy that involves several key components that can help CISOs to eliminate gaps and better set the groundwork for positive outcomes.

Establishing visibility. To eliminate gaps, organizations need to first know what they have. IT and IoT asset management isn’t just about knowing what managed devices are present, but also knowing unmanaged IoT devices and understanding what operating systems and application versions are present at all times.

Ensuring continuous monitoring. Risk is not static, and monitoring shouldn’t be either. Continuous monitoring of all the changes, including who is accessing the network, where devices are connecting and what applications are doing, is critical to managing risk.

Focusing on network segmentation. Reducing risk in the event of a potential security incident can often be achieved by reducing the “blast radius” of a threat. With network segmentation, where different services and devices only run on specific segments of a network, the attack surface can be minimized, and unseen and unmanaged IoT devices can be kept from serving as springboards for attacks on other areas of the network. So, instead of an exploit in one system impacting an entire organization, the impact can be limited to just the network segment that was attacked.

Prioritizing threat prevention. Threat prevention technologies such as endpoint and network protection are also foundational components of an effective security risk management strategy. Equally important for threat prevention is having the right policy configuration and least-privileged access in place on endpoints, including IoT devices, and network protection technologies to prevent potential attacks from happening.

Executing the strategic components above at scale can be optimally achieved with machine learning and automation. With the growing volume of data, network traffic and devices, it’s just not possible for any one human, or even a group of humans, to keep up. By making use of machine learning-based automation, it’s possible to rapidly identify all IT, IoT, OT and BYOD devices to improve visibility, correlate activity in continuous monitoring, recommend the right policies for least-privileged access, suggest optimized configuration for network segmentation and add an additional layer of security with proactive threat prevention.

About Dr. May Wang:

Dr. May Wang is the CTO of IoT Security at Palo Alto Networks and the Co-founder, Chief Technology Officer (CTO), and board member of Zingbox, which was acquired by Palo Alto Networks in 2019 for its security solutions for the Internet of Things (IoT).


2022 could be a turning point for pairing edge computing and 5G in the enterprise. Let’s examine trends to watch.

The distributed, granular nature of edge computing – where an “edge device” could mean anything from an iPhone to a hyper-specialized IoT sensor on an oil rig in the middle of an ocean – is reflected in the variety of its enterprise use cases.

There are some visible common denominators powering edge implementations: Containers and other cloud-native technologies come to mind, as does machine learning. But the specific applications of edge built on top of those foundations quickly diversify.

“Telco applications often have little in common with industrial IoT use cases, which in turn differ from those in the automotive industry,” says Gordon Haff, technology evangelist, Red Hat.

This reflects the diversity of broader edge computing trends he sees expanding in 2022.

When you pair maturing edge technologies and the expansion of 5G networks, the enterprise strategies and goals could become even more specific.

Simply put, “the 5G and edge combination varies by the type of enterprise business,” says Yugal Joshi, partner at Everest Group, where he leads the firm’s digital, cloud, and application services research practices.

Broadly speaking, the 5G-edge tandem is poised to drive the next phases of digital transformations already underway in many companies. As Joshi sees it, there will be a new wave of high-value production assets (including the copious amounts of data that edge devices and applications produce) becoming mainstream pieces of the IT portfolio – and subsequently creating business impact.

“Enterprises combine 5G to edge locations and create a chain of smart devices that can communicate with each other and back-end systems, unlike earlier times where network transformation didn’t touch the last-mile device,” Joshi says.


Edge computing’s turning-point year

The 5G-edge pairing is a long-tail event for enterprises. But there are plenty of reasons – including, of course, the expansion of telco-operated 5G networks – to think 2022 will be a turning-point year.

“We’ll see the transition from many smaller, early-stage deployments to wide-scale, global deployments of production 5G networks, following cloud-native design principles,” says Red Hat CTO Chris Wright. “As we provide a cloud-native platform for 5G, we have great visibility into this transition.”

“In 2022, 5G and edge will unify as a common platform to deliver ultra-reliable and low latency applications,” says Shamik Mishra, CTO for connectivity, Capgemini Engineering. A confluence of broader factors is feeding this type of belief including, of course, more widely available 5G networks.

“Edge use cases have a potential to go mainstream in 2022 with the development of edge-to-cloud architecture patterns and the rollout of 5G,” says Saurabh Mishra, senior manager of IoT at SAS.

The “last mile” concept is key. From a consumer standpoint, the only thing most people really care about when it comes to 5G is: “This makes my phone faster.”

The enterprise POV is more complex. At its core, though the 5G-edge relationship also boils down to speed, it’s usually expressed in two related terms more familiar to the world of IT: latency and performance. The relentless pursuit of low latency and high performance is embedded in the DNA of IT leaders and telco operators alike.

New horizons, familiar challenges

Consumer adoption of 5G and edge is enviably straightforward: Do I live in a coverage area, and do I need a new phone?

Obviously, there’s a little more to it from both the operator and broader enterprise perspective. While the potential of 5G-enabled edge architectures and applications is vast – and potentially lucrative – there will be some challenges for IT and business leaders along the way. Many of them may seem familiar.

For one, the 5G-edge combo in an enterprise context invariably means deploying and managing not just IT but OT (operational technology), and lots of it. As with other major initiatives, there will be a lot of moving parts and pieces to manage.

“Governance and scale will continue to be a challenge given the disparate people and systems involved – OT versus IT,” says Mishra from SAS. “Decision-making around what workloads live in the cloud versus the edge and a lack of understanding about the security profile for an edge-focused application will also be a challenge.”

Scale may be the biggest mountain to climb. It will require pinpoint planning, according to Kris Murphy, senior principal software engineer at Red Hat.

“Standardize ruthlessly, minimize operational ‘surface area,’ pull whenever possible over push, and automate the small things,” Murphy says.

5G and edge will also breed another familiar issue for CIOs – the occasional gap between what a vendor or provider says it can do and what it can actually do in your organization. Joshi says this is one important area that enterprise leaders can prepare for now, while the underlying technologies advance and mature.

“What will be more important for enterprise IT is to enhance its business understanding of operational technology, as well as be comfortable working with a variety of network equipment providers, cloud vendors, and IT service providers,” Joshi says.

Lock-in could be another familiar challenge for enterprise IT, Joshi says, underlining the need for rigorous evaluation of potential platforms and providers.

“Open source adoption and openness of the value chain, [including] RAN software, towers, base stations, cloud compute, and storage” will be an important consideration, Joshi says, as well as a nose for finding substance amidst hype.

That brings us back to use cases. If you’re unsure about what’s next for 5G and edge in your organization, then start with the potential business applications. That should ultimately guide any further strategic development. Joshi sees growing adoption of remote training using digital twins, remote health consultations, media streaming, and real-time asset monitoring, among other uses.

“Any enabling factors in 5G such as small cells and low latency, strongly align to an edge architecture,” Joshi says. “However, the intention should not be to enable 5G, but to have a suitable business scenario where 5G adoption can enhance impact.”
