For IoT Defense CIOs Turn to Zero Trust Principles

Tri Pham, Chief Strategy and Innovation Officer, Tata Communications discusses how the combination of Mobile Secure Access Service Edge (SASE) and Zero Trust techniques can fortify the security of remote and mobile Internet of Things (IoT) devices

In Asia Pacific’s ever-evolving digital landscape, Application Programming Interfaces (APIs) have assumed a central role. They empower businesses to seamlessly connect systems and data with partners, innovate new products, enhance efficiency, and access previously untapped markets. This trend is set to accelerate further, with the open API market in Asia Pacific predicted to surge from USD 369 million in 2022 to a staggering USD 1,412 million by 2031, reflecting a robust CAGR of 16%.

However, this surge in API adoption also introduces a substantial security risk. APIs, often exposed to the internet, become attractive targets for cyber attackers. This concern is particularly pronounced in Asia Pacific, where the prevalence of cyberattacks is rising rapidly. A 2020 report from F5 also reveals that 71% of APAC organizations faced API attacks, with an average cost of $1.3 million per attack.

Furthermore, the advent of 5G technology has reshaped the landscape of cellular-based IoT projects, ushering in high-throughput, low-latency applications such as security cameras, drones, and connected cars. The integration of IoT devices into various business processes, including asset tracking and patient monitoring, virtually extends the enterprise network perimeter, exposing a broader attack surface to malicious actors.

To confront this multifaceted challenge head-on, Chief Information Officers (CIOs) across Asia Pacific must turn to network edge-based security solutions rooted in the principles of zero trust. Zero trust, a security paradigm, operates on the foundational belief that no user or device can be trusted by default. Instead, it mandates thorough verification of all access attempts before granting entry. Mobile Secure Access Service Edge (SASE) represents a cloud-based security architecture that amalgamates networking and security functions into a single service. SASE, when applied at the network edge where data flows between endpoints and the cloud, aligns seamlessly with zero trust principles.

The synergy between zero trust and Mobile SASE forms a comprehensive shield, defending enterprise endpoints against the onslaught of cyberattacks. Mobile SASE enforces stringent security policies at the network edge, while zero trust principles meticulously scrutinize and validate every access attempt before granting permissions.

This strategic approach holds particular promise in fortifying the security of remote and mobile Internet of Things (IoT) devices. These devices often pose unique security challenges, as they may lack the resources to accommodate security agents or backhaul all traffic to the cloud.

Network edge security solutions, orchestrated from the core network, eliminate the need for security agents on each device and curtail the volume of traffic that necessitates cloud backhauling. This results in enhanced application performance, cost savings, and simplified security management. CIOs in Asia Pacific must remain vigilant regarding the looming threats associated with API-based applications and the expanding universe of IoT devices. By embracing network edge-based security solutions in adherence to zero trust principles, CIOs can erect a robust defense, shielding their enterprise endpoints from cyberattacks and ensuring unbroken business continuity and resilience.

Ed.  Tri Pham photo courtesy of IN.FOM Pte Ltd. Article photo by Unsplash+ in collaboration with 8machine.

Editor Note: From our Historico section we have extracted the main IoT Device Vulnerabilities factors…

Diversity of Devices: IoT encompasses a vast array of devices, each with its unique characteristics and software. This diversity makes it challenging to implement uniform security measures, leaving room for vulnerabilities.

Limited Resources: Many IoT devices are resource-constrained, with limited processing power, memory, and storage. This restricts the ability to implement robust security protocols and updates.

Inadequate Security Measures: Some IoT devices are designed with a primary focus on functionality and cost-efficiency, often sacrificing security. Basic security measures may be overlooked in favor of affordability and quick deployment.

Prolific Connectivity: IoT devices are designed to be constantly connected, which expands the attack surface. Attackers can target weak points in the network and exploit them to gain access to sensitive data or disrupt operations.

Outdated Software: IoT devices often run outdated or unpatched software. Many users and organizations do not prioritize regular updates, leaving devices exposed to known vulnerabilities.

..as well as the emerging threats to the IoT Landscape that CIOs need to be vigilant about:

Botnets: IoT devices have been harnessed to form botnets, which can be used for large-scale distributed denial-of-service (DDoS) attacks. The Mirai botnet is a prime example of how IoT devices can be weaponized.

Data Privacy Breaches: IoT devices often collect sensitive data. Inadequate security measures can lead to data breaches, exposing personal and confidential information.

Physical Safety Risks: Vulnerable IoT devices can pose physical safety risks in contexts such as smart cities and critical infrastructure. An attack on IoT devices controlling traffic lights or industrial machinery, for example, could have severe consequences.

Ransomware: Some attackers target IoT devices to deliver ransomware, locking users out of their own systems or data until a ransom is paid.