{"id":152,"date":"2019-10-06T05:31:02","date_gmt":"2019-10-06T04:31:02","guid":{"rendered":"http:\/\/soarexpert.com\/?page_id=152"},"modified":"2019-10-06T05:51:14","modified_gmt":"2019-10-06T04:51:14","slug":"how-to-prepare-your-soc-for-the-iot-and-is-challenges","status":"publish","type":"page","link":"https:\/\/soarexpert.com\/index.php\/how-to-prepare-your-soc-for-the-iot-and-is-challenges\/","title":{"rendered":"How to Prepare Your SOC for the IoT and Its Challenges"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"152\" class=\"elementor elementor-152\">\n\t\t\t\t\t\t<div class=\"elementor-inner\">\n\t\t\t\t<div class=\"elementor-section-wrap\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-96fc6b0 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"96fc6b0\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t\t\t<div class=\"elementor-row\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b7f32f7\" data-id=\"b7f32f7\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-column-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-73ac42a elementor-widget elementor-widget-text-editor\" data-id=\"73ac42a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\n\t\t\t\t<p>IoT is found everywhere we go, in our home, our work, on the street, etc. 
There are more than\u00a030 billion active connected devices, and\u00a0more than $2 trillion has already been <u>spent on IoT technology.\u00a0<\/u><\/p><p>From cameras to sensors to medical devices, the impact of IoT is as massive as the internet itself. Most IoT devices \u2013 often with little built-in security \u2013 are connected, either by co-workers or contractors, to the same network as traditional business-critical systems, creating new attack vectors for cybercriminals.<\/p><h2><strong>IoT connects to the SOC &#8211; How?<\/strong><\/h2><p>IoT will make the SOC's challenges much bigger, adding a layer of complexity to work that is already challenged by the ever-changing cybersecurity landscape. SOC staff now have to understand the subtleties of cyberattacks that play on the hyperconnectivity afforded by the use of enterprise IoT.<\/p><p><span style=\"font-size: 16px; text-align: left;\">Use of IoT devices means that global IP traffic will\u00a0increase three-fold\u00a0from 2017 to 2023.<\/span><\/p><p><span style=\"font-size: 16px; text-align: left;\">By 2022, machine-to-machine (M2M) connections that support IoT applications\u00a0will comprise\u00a0more than half of the world\u2019s connected devices.\u00a0<\/span><span style=\"font-size: 16px; text-align: left;\">IoT will drive\u00a0growth in connected devices\u00a0through 2023.<\/span><\/p><p>Here are some things security operations professionals should ensure they are doing while dealing with IoT.<\/p><h3><strong>Understand Your Threat Use Cases<\/strong><\/h3><p>When cyberattack data and alert output are presented to your SOC analysts, they\u00a0can be difficult\u00a0to decipher. A recent study, which examined the\u00a0challenges of the modern SOC, found that 27% and 24% of respondents, respectively, said that alert fatigue and false positives served as their largest sources of pain. One of the ways this can be resolved is by reviewing case histories and studying issues that arise most frequently. 
For example, does a particular type of IoT vulnerability or IoT threat arise over and over again? Allocate resources to addressing it quickly and look for ways to automate management of said problems going forward, such as\u00a0grouping by threat\u00a0instead of working individual alerts.<\/p><h3><span style=\"font-weight: bolder;\">Clear Visibility<\/span><\/h3><p>Visibility of all endpoints connecting to your network is important, as they serve as a common starting point for malicious hackers. But it\u2019s even more critical when those endpoints are IoT devices that may be unapproved for connection, unpatched or improperly configured. This becomes an even bigger problem when you consider that roughly half of enterprises\u00a0cannot tell\u00a0if their IoT devices have been breached.<\/p><p style=\"transition-duration: 1s;\">If you don\u2019t have a good handle on your inventory of assets, you cannot ensure the right protection is applied in the right part of this extended network. A study by the Ponemon Institute showed 65% of respondents\u00a0lack visibility\u00a0into the wider IT infrastructure. The same study found that the main reason for the SOC being ineffective is a lack of visibility into network traffic.<\/p><h3><strong>Automation Can Help<\/strong><\/h3><p>You already know that the security industry is\u00a0operating with a massive talent gap\u00a0\u2013 limiting, among other things, not only the ability to manage your fleet of connected devices but also the ability of security operations centers to operate with enough analysts who are trained at detecting the types of anomalous traffic that\u00a0IoT may bring. 
But even if your SOC were filled to the rafters with qualified analysts, the sheer number of connected devices invading most companies alone calls for automation.<\/p><p>Security orchestration, automation and response (SOAR) technology can help compensate for some of the workload that IoT necessitates because it brings together disparate detection technologies \u2013 including endpoint detection and response (EDR), which has become a central tool for IoT threat management \u2013 and automates workflows to create the order needed for analysts to make quick work of triage, investigation and response.<\/p><h2><strong>More to Consider<\/strong><\/h2><div><h3 style=\"transition-duration: 1s;\"><span style=\"font-weight: bolder; transition-duration: 1s;\">Zero Trust<\/span><\/h3><p>The Zero Trust security model\u00a0was first proposed\u00a0by the analyst firm Forrester. It is based on the premise of \u201calways verify, never trust.\u201d In the updated version, released in 2018, the Zero Trust eXtended Ecosystem places data as a central point from which security decisions are made. There is much work involved in using the model, but the expansion of the enterprise network and complications of moving data across IoT and the cloud mean that this is a useful way to approach security.<\/p><p>Authentication is a key principle of Zero Trust.\u00a0OWASP provides a Top 10 list of IoT weaknesses<u>,<\/u>\u00a0and authentication tops the list. A zero-trust detect-and-response approach is\u00a0increasingly being used\u00a0within the SOC to plug the gaps IoT creates.<\/p><\/div><h3><strong>Keep an Eye on Compliance<\/strong><\/h3><p>Responsibility to audit systems to meet compliance requirements, including the recently enacted General Data Protection Regulation (GDPR), often falls on the SOC. 
Regulations such as GDPR have added new provisions for enterprise data protection, and\u00a0IoT\u00a0brings fresh things\u00a0to consider and give more attention to.<\/p><h3>\u00a0<\/h3>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>IoT is found everywhere we go, in our home, our work, on the street, etc. There are more than\u00a030 billion active connected devices, and\u00a0more than $2 trillion has already been spent on IoT technology.\u00a0 From cameras to sensors to medical devices, the impact of IoT is as massive as the internet itself. Most IoT devices \u2013 often [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"spay_email":""},"_links":{"self":[{"href":"https:\/\/soarexpert.com\/index.php\/wp-json\/wp\/v2\/pages\/152"}],"collection":[{"href":"https:\/\/soarexpert.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/soarexpert.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/soarexpert.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/soarexpert.com\/index.php\/wp-json\/wp\/v2\/comments?post=152"}],"version-history":[{"count":6,"href":"https:\/\/soarexpert.com\/index.php\/wp-json\/wp\/v2\/pages\/152\/revisions"}],"predecessor-version":[{"id":159,"href":"https:\/\/soarexpert.com\/index.php\/wp-json\/wp\/v2\/pages\/152\/revisions\/159"}],"wp:attachment":[{"href":"https:\/\/soarexpert.com\/index.php\/wp-json\/wp\/v2\/media?parent=152"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}