Published on July 11, 2021
Author: Simon Bryden, Manager Consulting Systems Engineering at Fortinet
Internet of Things (IoT) devices are everywhere. From consumer devices such as connected thermostats and door-entry systems to Industrial IoT (IIoT) such as actuators and sensors, these smart and connected devices are increasingly being deployed in all areas of industry – manufacturing, oil and gas, energy, mining, and agriculture.
IoT offers endless opportunities….
It’s all about the data! The value and intelligence derived from the data that is extracted from these devices is priceless with endless opportunities for organizations or individuals. IoT adoption figures confirm this growing importance: connected devices have exponentially increased in the last 5 years, with approximately 20 billion devices in 2020 and around 75 billion planned by 2025.
This acceleration will be fueled by 5G. For most people, 5G is associated with faster downloads to their mobile phones. However, the real driver for 5G will not be phones but IoT as it will bring powerful capabilities such as high device density and highly reliable communications with very low latency. In addition, cheap sensors can be built with a low operational cost, identity management, authentication and authorization mechanisms, as well as roaming and mobility.
…with a price to consider in terms of Security
What are the cyber security impacts on IoT in a 5G world?
A big issue is that the IoT devices market isn’t regulated and homogeneous. With cheap consumer IoT, there is not a significant demand nor budget for security, and as such, it tends to be somewhat forgotten. However, if we look at medical IoT devices, we can be certain that security is taken very seriously. In addition to that, if we take IIoT devices running in critical industries and used to monitor critical infrastructure, here are a number of security aspects that need to be considered:
So what about 5G? New services bring faster bandwidth, and support for massive numbers of endpoints, and network operators need to be sure that their security solutions can keep up. Similarly, the introduction of Mobile Private Networks and Multi-Access Edge enables both the mobile network and the compute infrastructure, to be placed as close as possible to the devices themselves. This allows compute resources to be co-located, eliminating expensive cloud round-trip times. These services are key enablers of ultra-reliable low-latency connectivity which is a key driver in industrial IoT networks. But on the other hand, this concentration of network and compute infrastructure becomes a critical part of the network, and protecting it is paramount.
Best practices to protecting IoT in a 5G world
The reality is that no device is truly secure, and for that reason, we need a comprehensive and integrated approach to security that can deliver the following three key capabilities:
In conclusion, the steps to securing IoT in a 5G era won’t be any different than what we see in other ecosystems: an integrated and holistic security architecture is necessary, to provide not only the visibility required to see and identify these devices but also deliver the prevention and detection components needed to mitigate the effects of an attack.