IoT has arrived in a big way because the potential benefits are immense. Whether it’s building and street light sensors, flow monitors, surveillance cameras, IP phones, point-of-sale systems, conference room technology or so much more, IoT is on the network and in the organization. IoT has become an essential piece of infrastructure for every enterprise and business. As I talk with IT organizations, they tell me they want an IoT security solution that lets them keep moving at full speed while alleviating their security concerns. We’ve developed an approach we believe can balance both of these needs.
Let's look at the problem and solution in a bit more depth.
The Unique Security Challenges of IoT Devices
IoT devices present unique challenges for security teams. They are connected to an enterprise's central network, yet they are generally unmanaged. Different IoT devices use different hardware, operating systems and firmware. For the most part, they are also unregulated, shipped with unknown or unpatched vulnerabilities, and often their useful life exceeds their supported life. The recent 2020 Unit 42 IoT Threat Report said that “57% of IoT devices are vulnerable to medium- or high-severity attacks” and “98% of all IoT device traffic is unencrypted.”
One of the biggest fears is that these devices can be weaponized for launching cyber attacks. Most recently, the Sofacy Group (Fancy Bear or APT28) was found compromising popular IoT devices such as VoIP phones, office printers and video decoders to infiltrate several corporate networks. This is simply one of many such IoT security incidents.
It's hard enough to assess the risks and enforce policies for IoT devices brought in for corporate projects, but many IoT devices are brought into organizations without IT’s knowledge.
These devices are challenging enough to secure, but added to that, IT first needs to identify them, and that's a challenge all on its own.
Mainstream network perimeter defenses are poorly equipped to address these security challenges, and new IoT security vendors often fall short in addressing the issues completely. They are limited to device identification of only known asset types, have manual rule-based policy engines that don’t scale, and often use an unwieldy implementation of single-purpose sensors that then requires integrations with other vendors for any actual security. Existing approaches simply fail to meet the need.
The Role of Machine Learning in the IoT Security Lifecycle
We think the most effective way to address IoT security challenges is by securing the complete IoT security lifecycle, and the core of that approach is machine learning (ML). Last fall, we welcomed Zingbox to the Palo Alto Networks family because we believed their patented 3-tier machine learning platform was the best technology to help companies discover and identify unmanaged devices in the network.
We have enhanced Zingbox’s technology with Palo Alto Networks patented App-ID technology, allowing it to automatically discover new IoT devices, assess risks and convert the learnings into policies that secure IoT. Applying the rich prevention capabilities of Palo Alto Networks, IoT Security can be paired with the full range of our other cloud-delivered security subscriptions to stop all known and unknown threats targeting IoT and OT devices.
Simplifying IoT Security Implementation
Unlike other solutions, ours does not require dedicated sensors, a separate product for enforcement, manual fingerprinting technologies or painful counting of IoT devices for licensing – what you get is a complete solution.
For Palo Alto Networks customers, IoT Security is delivered as a new subscription, empowering existing security teams to start reclaiming unmanaged IoT devices in no time on any Palo Alto Networks ML-Powered Next-Generation Firewall form factor – through PA-Series hardware appliances, VM-Series virtualized firewalls or over Prisma Access, our cloud-delivered secure access service edge (SASE) network security service.
For future customers not currently partnered with Palo Alto Networks, we deliver IoT Security on our ML-Powered Next-Generation Firewall that serves as a sensor and enforcement point. At a competitive value compared to siloed IoT security products, we can offer unmanaged device discovery, protection and enforcement in places you don't have your existing firewalls – eliminating your need to purchase and integrate multiple products and alter operational processes to gain a full security solution for IoT. If you need to add a sensor to secure IoT anyway, why go to that effort just for visibility?
Palo Alto Networks Is Here to Help
No matter where you are in your IoT adoption journey – whether you’re an early industry adopter or are part of the early majority considering adoption and in proof of concept – security is germane to optimizing and defending your IoT investment from the risk of an overwhelming security breach. Our team at Palo Alto Networks is here to help you stay ahead of attacks.
Read more about Palo Alto Networks and IoT security.
Intelligent Network Security: LinkedIn Live Broadcast.
AJ Shipley, vice president of product, and Paul Calatayud, Americas CSO, appeared on LinkedIn Live to answer questions about the industry’s first ML-Powered NGFW. Watch the event on-demand.