Eve-Marie_Lanza

Scale zero trust security with AI

You’re always on the lookout for suspicious email links, malicious files, and phishing. Could an even more dangerous and highly targeted attack vector be hiding in plain sight?

IoT devices: expanding the attack surface

IoT devices have become commonplace in organizations. From temperature sensors to printers, smart TVs to infusion pumps, billions of these devices connect to enterprise networks every day. Often these devices are unobtrusive, web-connected, and lack sophisticated security — a combination that makes them an irresistible target for cyberattackers.

As IoT adoption has increased in organizations, so too have the number and ferocity of hackers who seek to exploit the security gaps and vulnerabilities that these connected IoT devices introduce into enterprise networks. In fact, this year alone, researchers noted a 400% increase in IoT malware attacks across various industries.[i]

The consequences of an IoT-based attack can be significant. Attackers can exploit IoT devices to gain unauthorized access, exfiltrate data, and even damage or destroy data that IoT devices are using in AI model training, a type of attack called AI poisoning.

Zero trust security for IoT: the path forward

Zero trust security can address security concerns associated with IoT adoption. In a zero trust model, a device receives the least amount of access to network resources needed to fulfill its function, based on its role, as long as it is behaving consistently for its role and function.

Zero trust security models offer numerous benefits for protecting against IoT-based network security threats, including:

  • Easing security policy definition and application by granting least-privilege access based on device roles, rather than on a per-device or per-location basis
  • Detecting and preventing attacks, by continuously monitoring device behavior and comparing to baselines to help identify early signs of compromise
  • Limiting access to resources, so even if a device is compromised, the “blast radius” of the attack is limited

To ensure effective zero trust implementation, organizations must be able to meet a few key requirements:

  • Visibility and profiling: Can you see every device connected to your network, even if you do not manage it?
  • Authentication and authorization: Do you have a high level of confidence in the identity of devices connected to your network? Do you have consistent methods for assigning access privileges to devices?
  • Enforcement: Can you enforce access control policies consistently throughout your network, regardless of how, where, and to what devices are connected?
  • Continuous monitoring: Can you monitor the behavior of devices connected to your network? Do you have means of determining whether behavior is typical, consistent, and expected?
  • Response: Based on available security data, can you take action to adjust trust, address issues, and thwart attacks?


AI’s role in zero trust security for IoT

The stakes for protecting the organization against cyberattacks have never been higher, as the average cost of a data breach in the U.S. now tops $9.36M.[ii] Globally, the average total cost of a data breach is $4.88M USD, increasing 10% since last year, the biggest jump since 2020.[iii]

The need for ubiquitous device connectivity, protection against evolving threats, and flexibility to adopt new technologies like AI have made the business landscape more complex and challenging to navigate than ever before. AI promises to multiply human potential, so organizations can mitigate risk at scale to improve security and free teams to create business advantage.

Organizations can leverage AI to advance IoT-driven initiatives while implementing zero trust security. Here are just a few of the benefits AI can provide:

  • Improving visibility and control of devices to understand what is connected to the network
  • Understanding behavior of devices on the network to enable better anomaly detection
  • Enhancing monitoring and diagnostics to deliver relevant, actionable insights network and security teams can use to protect the organization without network disruption
  • Automating security operations tasks to reduce the manual effort required to secure the network

Scale protection with security-first, AI-powered networking

Built on zero trust security principles, security-first, AI-powered networking from HPE Aruba Networking provides a common foundation that security and networking teams can use to power IoT- and AI-driven business initiatives without sacrificing cybersecurity protection. By combining network telemetry and AI-powered insights built on the industry’s leading data lake,[iv] HPE Aruba Networking can protect data, infrastructure, and applications at scale — a key consideration as IoT devices and data increasingly become attack targets.


IoT visibility at scale

Knowing the identity of devices connected to the network is a fundamental starting point for zero trust security, but it’s also a challenge for network and security teams that often do not connect, manage, or secure all the IoT devices used within the enterprise. In fact, in a 2023 report from Ponemon Institute, 54% of organizations reported having low to no confidence that they knew all the users and devices connected to their network.[v]

HPE Aruba Networking addresses this need by providing comprehensive device visibility via AI-powered Client Insights, a security solution built into HPE Aruba Networking Central that offers the most granular profiling and visibility in the industry.[vi] Applying AI and ML to data gathered from over 1 billion profiled clients, Client Insights identifies connected devices with up to 99% profiling accuracy of known clients and <5% rate of unknowns.[vii]

Continuous IoT monitoring at scale

Once a device is accurately identified and profiled, zero trust security models rely on up-to-date understanding of device behavior to identify and thwart potential compromise and attack. Yet the sheer volume and variety of IoT devices within the distributed enterprise can make it hard for network and security teams to evaluate an individual device to answer the question: “Is this device compromised?”

HPE Aruba Networking Central can analyze dynamic device attributes — including traffic patterns and behavioral characteristics such as connection state and network residency — to establish AI-powered behavioral baselines at a per-device level. Baselines can help organizations understand typical and expected behavior for each device, helping improve security by showing whether an IoT sensor, camera, or printer is deviating from normal behavior.
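The per-device baseline idea above, combined with the role-based least-privilege check described earlier, can be sketched as follows. This is an added illustration, not HPE Aruba Networking Central's algorithm; the roles, device names, flows, and thresholds are all constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed role policy: least-privilege destinations per device role.
ROLE_POLICY = {
    "printer": {("print-server", 9100), ("dns", 53)},
    "camera": {("nvr", 554), ("dns", 53)},
}

# Constructed training flows: (device, role, destination, port, bytes).
TRAINING = [
    ("cam-01", "camera", "nvr", 554, 48_000),
    ("cam-01", "camera", "nvr", 554, 52_000),
    ("cam-01", "camera", "nvr", 554, 50_000),
    ("cam-01", "camera", "dns", 53, 300),
    ("cam-01", "camera", "dns", 53, 280),
    ("cam-01", "camera", "dns", 53, 320),
]


def build_baselines(flows):
    """Per-device baseline: byte counts seen for each (destination, port)."""
    baselines = {}
    for device, _role, dst, port, nbytes in flows:
        baselines.setdefault(device, {}).setdefault((dst, port), []).append(nbytes)
    return baselines


def evaluate(flow, baselines, k=3.0):
    """Return findings for one flow; empty means consistent with role and baseline."""
    device, role, dst, port, nbytes = flow
    findings = []
    if (dst, port) not in ROLE_POLICY.get(role, set()):
        findings.append("policy_violation")
    history = baselines.get(device, {}).get((dst, port))
    if history is None:
        findings.append("new_destination")
    else:
        mu, sigma = mean(history), pstdev(history)
        # Floor sigma so a nearly flat history does not flag tiny changes.
        if abs(nbytes - mu) > k * max(sigma, 0.05 * mu):
            findings.append("volume_anomaly")
    return findings


def decide(findings):
    """Map findings to an access decision (the response step)."""
    if "policy_violation" in findings:
        return "deny"
    return "restrict" if findings else "allow"
```

A flow is allowed only when it fits both the role policy and the device's own history; anything outside the role is denied, and in-policy traffic that departs from the baseline has its access reduced pending review.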

Protect your organization at scale with zero trust and AI           

Check out these resources to learn more.

[i] Deloitte, “Global Cyber Threat Intelligence (CTI): Annual Cyber Threat Trends,” March 2024. https://www2.deloitte.com/us/en/pages/risk/articles/cybersecurity-threat-trends-report-2024.html

[ii] Ponemon Institute, Cost of Data Breach Report 2024. https://www.ibm.com/reports/data-breach

[iii] Ibid.

[iv] https://www.arubanetworks.com/resource/aruba-central-data-sheet/

[v] Ponemon Institute. The 2023 Global Study on Closing the IT Security Gap: Addressing Cybersecurity Gaps from Edge to Cloud. 2023. https://connect.arubanetworks.com/ponemon-closing-it-security-gap-report

[vi] https://www.hpe.com/psnow/doc/a00069032enw

[vii] https://www.arubanetworks.com/resource/ai-powered-network-infrastructure-the-answer-to-it-efficiency/

About the Author

Eve-Marie_Lanza

Eve-Marie Lanza is a Senior Security Solutions Marketing Manager at HPE Aruba Networking, where she leads marketing for Edge-to-Cloud Security solutions. She brings to the role more than 15 years of experience in portfolio and solutions marketing with a focus on enterprise networking and data center technologies. Eve-Marie holds an MBA from the University of California at Davis.