Answers to your top cybersecurity questions

Taking an ecosystem approach to cybersecurity can help protect IoT-connected devices that lack sufficient security measures

by Jason Porter

During our recent webinar, “5 trends to impact cybersecurity in 2016,” I joined two other AT&T security leaders—Brian Rexroad, executive director of Threat Intelligence, Analysis, and Response Engineering; and Todd Waskelis, executive director for Security Consulting—to discuss the top factors we believe will influence the cybersecurity industry this year.

After the discussion, we turned our attention to your questions about security on the Internet of Things (IoT), funding issues for cybersecurity projects, and more. Here’s how we responded to some of those queries:

Q. What can I do to protect devices that lack strong enough security measures to mitigate cyberattacks when connected to the Internet of Things (IoT)?

A. Protecting at the device level may get more attention, but taking more of an ecosystem approach is critical as you move to IoT. Start your deployment with IoT in mind. Take steps to enhance the security of your IoT as you roll it out. Do your risk assessment, and understand what you need to protect and where it resides. Implement recommended security measures, like password management functions and patch procedures, for any software associated with IoT devices.

United Laboratories, the company that evaluates the safety of household products, announced a program last year to help improve the security of IoT devices. The federal government is also considering other initiatives to strengthen security.

Q. Funding for cybersecurity tools is always an issue. Are tools being developed by the open source community?

A. We’re starting to see a lot of people use open source to create security programs. However, there are two big challenges with open source: scale, because many open source tools can’t scale to the level enterprises need, and support can be difficult, as there is no single source of support to turn to with questions and problems.

It’s also important to remember that while open source provides opportunities for cost savings, it may not be entirely cost free. Funds will be needed for support and maintenance, patching, and other procedures to keep it up to date as your other tools evolve.

Q. Where should I focus my cybersecurity efforts? On protecting my perimeter? On reacting to attacks? Or someplace else?

A. Today’s networks reach far beyond corporate walls, so simply finding and defining your perimeter can be challenging. That’s one reason the focus now is shifting to identifying threats before they affect your perimeter—mitigating cyberattacks as early as possible, preferably before they even enter your environment. But you also shouldn’t stop investing in perimeter protection.

Q. What can I do to address internal threats?

A. Depending on the type of environment you’re operating, there may be several steps you can take to help neutralize attacks that originate inside your company. Here are a few recommendations for evaluating how to address internal threats:

  • Virtualize your IT environment. Virtualizing your IT can help enhance the protection applied to individual applications—beyond the perimeter—and give you more flexibility to customize protection where necessary. Virtualization also allows you to manage policies at a more granular level.
  • Automate whenever possible. Automation supports app-level protection by helping to give you the degree of control you need to, for example, regulate many firewalls around individual programs.
  • Use behavioral analytics. Looking at data on certain actions can help identify potentially malicious workers.

Q. Can standards like ISO help me communicate security issues to my leadership and get buy in for upgrades and other projects?

A. Communication to all levels is critical. But the biggest challenge often is the lack of risk management and risk acceptance programs, and international frameworks like ISO can help establish that.

It’s important to involve executives proactively. Don’t wait to hear from the board after they’ve read something in a newspaper or magazine. Take the initiative and communicate up to the executive suite as often as possible. This helps keep security top of mind for them, and could make it easier for you to secure funding for a tool or project.

For answers to other questions, watch the replay of our webinar, “5 trends set to impact cybersecurity in 2016.” Also, get details on cutting-edge solutions and services in the AT&T Network Security portfolio.