The future of cybersecurity as a profession is tightly tied to existing and emerging technologies and how they are being used.
There are many challenges ahead of us. From the policy perspective, we have the legacy governmental and regulatory policies that are being amended and updated in a reactive and unhealthy way, thus stressing the legislative framework of policies geared towards the national practices of cybersecurity.
And with all due respect, don’t get me started on the lack of knowledge of most of our elected officials on the matters related to cybersecurity. This is why we need cybersecurity professionals who are educated on policy development to guide and counsel the local and congressional legislature.
…but that’s not what I want to tackle in this post. I want this to be a more familiar subject.
The truth is that not many people can describe where cybersecurity is right now, so let’s look at the current status from the risk perspective of Internet of Things (IoT) devices and systems.
Existing and emerging technologies are the key to analyzing the current status of cybersecurity and where it is heading. The best way to explain this is by presenting an example.
Existing and emerging technology
An example of an existing and emerging technology is the IoT. IoT is the interconnectivity of objects and appliances in your home, work, and life to the Internet.
Home IoT is not limited to your regular computer. This also includes your brand new TV, your new intelligent fridge, monitoring cameras, doorbell, some electronic kitchen appliances, your new robot vacuum (a.k.a. Roomba) that requires being controlled via WiFi, your new voice-controlled speaker, and this is just getting started.
As with Home IoT, Work IoT is no longer limited to individually monitoring the regular PC, server, laptop, printer, and scanner. It also includes whole systems fully integrated into a network. Most network administrators know that these systems need to be segmented for better protection and resource management.
Take hospitals, for example. Their IoT devices include the heart monitor in a patient’s room, the portable X-ray machine, and the MRI scanner, among others. These are devices that require their own firmware updates and periodic vulnerability patches.
Some industries use what is known as Supervisory Control and Data Acquisition (a.k.a. SCADA) systems. These are systems that are configured to, among other things, monitor large pieces of equipment with sensors and alarm triggers. These systems also require special attention: updating their firmware and their respective operating systems requires a specific, and sometimes customized, patching and update process according to their manufacturers.
Today, most of these systems are old and haven’t been updated for years, which makes them very vulnerable. What keeps them undetected on a network is the fact that most of these systems are physically and/or virtually segregated from the main network, but that shouldn’t be an excuse for not updating or upgrading them.
I mentioned that we are also connecting our lives to the Internet, quite literally. This ranges from smartphones and smartwatches to medical equipment and any life-dependent assistive devices. These devices are being used to manage and control our lives somehow.
Read “What is Cybersecurity?” to understand where we came from.
The challenge that we are facing as professionals regarding the IoT is how to protect not only the hardware but also the software and, mostly, the information stored on and transmitted through these devices.
As more and more manufacturers produce these devices, the chances of having vulnerabilities increase as well. Vulnerabilities, in general, can be found in both their hardware and software, but mostly in their software.
Software vulnerabilities range from the operating system on the device to the encryption system used to protect the data stored and in transmission.
For those of us who have the experience of working in highly regulated industries such as the manufacturing of pharmaceutical products, like I did, we are very familiar with the qualification and validation protocols and standard operating procedures (SOP) that are required in order to install, maintain and dispose of (a.k.a. lifecycle) any equipment or device integrated into a qualified IT network. This means that we already had an established protocol that assisted us in the update process of anything, such as patching any vulnerabilities in any device.
I don’t think there is a protocol in a home to update the firmware of their home router. That said, workplaces that don’t have such protocols, like non-regulated businesses such as brick ‘n mortar stores, are highly susceptible to having vulnerabilities in their systems. Don’t believe me? Just read the news.
My point is that having a written procedure and running a checklist can help in the update process of these devices on a periodic basis. That’s how regulated companies do it. This doesn’t make us immune from attacks, but the whole purpose is to minimize risks and threats.
Why do we protect a system
Just answer this question: What’s the most valuable asset any company or individual has?
Answer: their data.
The real challenge for any cybersecurity professional is to protect the data. Data exists in two stages: stored and in transit. Both require their own particular set of protections. Data on its own has spawned several specializations within the cybersecurity field dedicated to the subject.
Protecting this data from the prying eyes of any unauthorized person should be a priority.
We have seen the consequences when people lose focus on this: a network server located in the farthest corner of the farthest building doesn’t get the attention it needs for its pending patches and updates, exposing its vulnerabilities; someone’s credentials get stolen or phished (not the same); or an Advanced Persistent Threat (APT) script gets into a company’s network system to do the unthinkable.
Protecting this data by having a protocol with procedures in place, and executing those procedures, can assist a system administrator in knowing how often they can run their vulnerability management tools. This should help protect the data in any system.
The future of cybersecurity lies in protecting the data that companies and individuals currently have and keep generating. There are also three areas that we as professionals need to focus on:
- First, how this data is being stored and transmitted is one area that certain specialists need to focus on protecting.
- Second, how to protect the equipment and systems that generate such data is another area that certain specialists need to focus on as well.
- Third, classifying the type of equipment in order of importance can help prioritize and establish the periodicity of their attention when running the vulnerability management tools.
By focusing on these three areas, we can have a less gloomy future by minimizing the risks and threats that come with the territory.
by Edgar Vera, MS Cybersecurity