Digital Transformers (eBook)
eBook Download:
EPUB
2021
|
1. Auflage
162 Seiten
Bookbaby (Verlag)
978-1-0983-8410-4 (ISBN)
162 Seiten
Bookbaby (Verlag)
978-1-0983-8410-4 (ISBN)
Smart devices designed for the Internet of Things (IoT), industrial IoT, and operational technology (OT) in the emerging era of digital transformation require protection by design for cyber resilience. Cyberattacks by nation state actors and cybercrime syndicates cause system outages and disruption of essential services. This book is a call to action - for silicon chip makers, equipment manufacturers, managed security service providers, device owners and operators, to begin the journey towards collaborative cyber protection. The traditional information technology (IT) detection and prevention methods based on threat models are inadequate to defend the billions of devices that are an intrinsic part of our daily regimen. It's essential to adopt protection models based on risk for modernization across all sectors - smart factories, smart cities, smart grids, smart transportation, smart homes, healthcare systems, aviation systems, public utility systems, defense systems, and law enforcement systems. The power of scientific and technological innovations offers opportunities to transform and reform the way things are and the way they ought to be. If the past three decades are a gauge of the power of innovation, then the next three decades will be a harbinger of the power of transformation.
Smart devices designed for the Internet of Things (IoT), industrial IoT, and operational technology (OT) in the emerging era of digital transformation require protection by design for cyber resilience. Cyberattacks by nation state actors and cybercrime syndicates cause system outages and disruption of essential services. This book is a call to action - for silicon chip makers, equipment manufacturers, managed security service providers, device owners and operators, to begin the journey towards collaborative cyber protection. The traditional information technology (IT) detection and prevention methods based on threat models are inadequate to defend the billions of devices that are an intrinsic part of our daily regimen. It's essential to adopt protection models based on risk for modernization across all sectors - smart factories, smart cities, smart grids, smart transportation, smart homes, healthcare systems, aviation systems, public utility systems, defense systems, and law enforcement systems. The power of scientific and technological innovations offers opportunities to transform and reform the way things are and the way they ought to be. If the past three decades are a gauge of the power of innovation, then the next three decades will be a harbinger of the power of transformation. Over the years, there have been multiple waves of technological evolution. We've seen evolutions from analog to digital over copper, and then from copper to fiber, and fiber to wireless. Soon after that, we advanced from on-premises to cloud data centers, and then from local applications to online applications, then local storage advanced to cloud storage. All these advancements were remarkable endeavors. The second wave of inventions included virtualization, cloud computing, high speed connections, software defined networking, online applications and remote services. All these advancements have shaped a global economy. This book emphasizes that the third wave is coming. Recent advances in silicon technologies, field-programmable gate arrays, edge computing, zero trust models, artificial intelligence (AI) and machine learning (ML) collectively provide a platform for digital transformation at scale. Data is the new oil and explicit trust in data is paramount. Devices power every aspect of our daily living - at home, in public and at work - and explicit trust in devices is imperative. "e;Digital Transformers"e; is a must-read for anyone with an interest in the rise of technological advancements and the inherent need for cybersecurity keep up with the on-going processes of digital transformation.
Smart devices designed for the Internet of Things (IoT), industrial IoT, and operational technology (OT) in the emerging era of digital transformation require protection by design for cyber resilience. Cyberattacks by nation state actors and cybercrime syndicates cause system outages and disruption of essential services. This book is a call to action - for silicon chip makers, equipment manufacturers, managed security service providers, device owners and operators, to begin the journey towards collaborative cyber protection. The traditional information technology (IT) detection and prevention methods based on threat models are inadequate to defend the billions of devices that are an intrinsic part of our daily regimen. It's essential to adopt protection models based on risk for modernization across all sectors - smart factories, smart cities, smart grids, smart transportation, smart homes, healthcare systems, aviation systems, public utility systems, defense systems, and law enforcement systems. The power of scientific and technological innovations offers opportunities to transform and reform the way things are and the way they ought to be. If the past three decades are a gauge of the power of innovation, then the next three decades will be a harbinger of the power of transformation. Over the years, there have been multiple waves of technological evolution. We've seen evolutions from analog to digital over copper, and then from copper to fiber, and fiber to wireless. Soon after that, we advanced from on-premises to cloud data centers, and then from local applications to online applications, then local storage advanced to cloud storage. All these advancements were remarkable endeavors. The second wave of inventions included virtualization, cloud computing, high speed connections, software defined networking, online applications and remote services. All these advancements have shaped a global economy. This book emphasizes that the third wave is coming. Recent advances in silicon technologies, field-programmable gate arrays, edge computing, zero trust models, artificial intelligence (AI) and machine learning (ML) collectively provide a platform for digital transformation at scale. Data is the new oil and explicit trust in data is paramount. Devices power every aspect of our daily living - at home, in public and at work - and explicit trust in devices is imperative. "e;Digital Transformers"e; is a must-read for anyone with an interest in the rise of technological advancements and the inherent need for cybersecurity keep up with the on-going processes of digital transformation.
Chapter 6
The Elixir of Things
The challenges, blockers to change, and the decisions required to embark on change vary across industry sectors. The policies and processes that have been engrained over decades of information technology (IT) dominance and stewardship may become the inhibitors of change without a strategy for change. The intrinsic nature of risks has changed and therefore the solutions must too.
Embracing digital transformation will require hardening the workflow and operations, and not clinging hopefully to out-of-date and cumbersome platform hardening guidelines. Security is not a point solution; it is a holistic chain – and it is only as strong as the weakest link in that chain. The effectiveness of security (from soft core to hard edge) requires baked-in controls; not bolted-on controls. The economics of security lies in multi-vendor collaboration as a forethought and not multi-vendor competition as an after-thought. The induction of modern controls must be strategic, measured and rational. Imminent risks have no term limits.
Strategy by Industry Sector
Process Automation
The major risks to process control and automation stems from three factors. The first factor is the diversity of communications methods and industrial protocols that are fundamentally open and insecure, because they were designed to operate within an implicitly secure silo. The second factor is the network firewalls and intrusion detection systems retrofitted into an interconnected and layered ecosystem they were not purpose-designed or intended for operations technology (OT). The third factor is that unlike the IT approach of quarantining infected user workstations (endpoints) with virtual LAN (VLAN) based network segmentation, process control systems in OT are live and quarantining devices in an interconnected system disrupts service and causes undesirable outage. Reactive approaches based on network-based anomaly detection and deep-packet inspection of application protocols will be challenged eventually by the onset of encrypted network traffic (without application reengineering) in the years ahead.
The strategy will require at least: (a) securing the integrity of signaling between systems; (b) managing the digital secrets that offer such security countermeasures – passwords and keys; (c) rotating the digital secrets using X.509 certificates for trusted delivery as a mitigation strategy for recovery on compromise; (d) tamper-resistant content delivery through the supply chain; (e) remote device recovery on compromise with trusted software and configuration updates, and automated key renewal; and (f) auditability for visibility and measurement of compliance posture.
Transportation
The major risks to ground transportation systems stems from the mobile nature of automotive systems. The electronic control units, telemetric/transmission control units, speed control units, onboard diagnostics, navigation systems and consoles will require periodic software and configuration updates. The autonomous operations in modern automobiles will require high assurance of tamper-resistance in inter and intra-system real-time messaging. Isolation of vehicular and entertainment functions will be vital.
The strategy will require at least: (a) securing the integrity of inter and intra-system messaging; (b) securing the digital secrets (keys) that offer such security countermeasures; (c) rotating the digital secrets at scale and as a remote maintenance activity – as a mitigation strategy for recovery on theft or recall; and (d) tamper-resistant content delivery through the supply chain.
Aviation
The major risks to the aviation industry are very broad and stem from the complexity of managing the supply chain, outdated delivery methods, and the criticality of fault tolerance in safety-centric airborne systems. While some of the risks that apply to ground transportation systems are also applicable to avionics, the significant differences are due to the sheer complexity of electronic platforms onboard and implications related to insurance. The willingness and ability to invest and innovate with new technologies is deeply lacking.
The strategy will require at least: (a) securing the onboard messaging systems; (b) securing the digital secrets (keys) that offer such security countermeasures at a nation-state level of alertness; (c) rotating the digital secrets at scale and as a remote maintenance activity – as a mitigation strategy for vulnerability countermeasures; (d) using X.509 digital certificates for key lifecycle management from a secure facility to meet a high level of assurance; (e) tamper-resistant content delivery through the supply chain for traceability; and (f) historic audit trail for trackability of change ledgers.
Healthcare
The healthcare industry is the most complicated environment to secure – as it takes a village – from the medical devices community, to healthcare providers, healthcare workers and government bureaucrats. This is the industry at highest risk because of the sheer volume of unmanaged or hard-to-manage devices and the consequences (life-or-death nature of the trade). The emerging nature of IoT devices and cybersecurity compliance requirements in the healthcare sector requires both equipment vendors and service providers to implement security policies that address the risks posed by cyber-attacks and insider threats. Mission critical production systems and medical devices require protection from unauthorized software updates or configuration changes, and secure authentication of field and remote operators. Legacy enterprise IT managed systems rely on password policies, multi-factor authentication and role based physical and network access. Such controls are inadequate against zero-day cyber-attacks on headless IoT devices that subvert threat intelligence-based intrusion and/or anomaly detection systems designed to prevent data breaches. Therefore, IoT solutions in the healthcare sector require a tamper-resistant system that provides built-in protection controls, trustworthy change management and continuous integrity verification – for high scalability and availability.
The strategy will require at least: (a) securing the identity and integrity of medical devices at the grassroots level; (b) securing the integrity of data exchanges from devices to receivers (display stations and monitors); (c) securing the digital secrets (keys and certificates) on the devices and receivers; (d) rotating the digital secrets at scale and as a managed maintenance activity – for device lifecycle management and transfer of ownership (e.g. remote patient monitoring platforms); and (e) tamper-resistant content delivery through the supply chain for traceability.
Media and Entertainment
The media and entertainment industry are as close to home as it gets. The set top boxes, broadband routers, and 5G gateways are at your doorstep. The implications of data privacy and protection for the consumer are paramount here given the nature of home surveillance systems and information gathering that occurs here. For the business, the major risks are loss of revenue from clones, piracy and theft of bandwidth, and flight of intellectual property. In a competitive marketplace with online stores for home-based entertainment platforms, this industry is poised to stream content and containerized applications to edge cloud platforms. This raises the bar for data privacy and protection at higher data rates, and trusted data for artificial intelligence and analytics at the backend.
The strategy will require at least: (a) securing the on-premise equipment; (b) securing the digital secrets (keys) that offer such security countermeasures; (c) rotating the digital secrets at scale and as a remote maintenance activity – as a mitigation strategy for tamper-resistance; (d) using X.509 digital certificates for key lifecycle management from a secure facility for effective licensing; and (e) tamper-resistant content delivery through the supply chain for traceability.
Defense
The battlefield on the ground, in the air, on and under water relies heavily on cyberspace and is increasingly becoming a digital ecosystem over radio waves. Tamper-resistance is required at the device, inter-device, and networked systems level for mission critical operations. The major risks stem from the complexity of managing the supply chain (defense contractors), the sophisticated tools and methods in the arsenal of nation-state adversaries, and the airgapped nature of combat systems. The willingness and ability to invest and innovate with new technologies face budgetary constraints and the effort to integrate for timely field deployment. Further, the paranoia of integrating technologies sourced from the open-source community, new vendors (outside the established supply chain) and technology startups increases the cost and timeliness to build a solution.
The strategy will require at least: (a) using industry standards-based specifications (e.g. NIST, FIPS) vetted for robustness against nation-state attacks; (b) integrating protective countermeasures on devices through the supply chain of equipment manufacturers; (c) managing digital secrets at scale and as a local or remote maintenance activity – as a function of mission control; (d) using X.509 digital certificates for key...
| Erscheint lt. Verlag | 1.6.2021 |
|---|---|
| Vorwort | Brian Nugent, Alberto Yepez |
| Sprache | englisch |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| ISBN-10 | 1-0983-8410-5 / 1098384105 |
| ISBN-13 | 978-1-0983-8410-4 / 9781098384104 |
| Haben Sie eine Frage zum Produkt? |
EPUB (Adobe DRM)Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belletristik und Sachbüchern. Der Fließtext wird dynamisch an die Display- und Schriftgröße angepasst. Auch für mobile Lesegeräte ist EPUB daher gut geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
Mehr entdecken
aus dem Bereich
aus dem Bereich
Das umfassende Handbuch
eBook Download (2022)
Rheinwerk Computing (Verlag)
49,90 €
Umfassendes Sicherheits-, Kontinuitäts- und Risikomanagement mit …
eBook Download (2023)
Springer Vieweg (Verlag)
79,99 €
