All of the discussion surrounding Internet of Things connectivity and collaboration and opening the supply chain network in more ways to additional partners and networked technology and tools is exciting for three key groups; the supply chain partners, the consumer and hackers. The big question generated by these new tools and technology is how do you develop and maintain an open network such as this and still protect the interest of all participants. This is huge task for the security organizations and I’m sure keeps them up at night worrying. These networks open to external access from partners are under constant attack now and the IoT tools and technology opens a new frontier in network security that must also be taken into account. Network advances and capabilities must now take into account the security demands and risks as at least as important to the supply chain as the expanded capabilities, maybe even more because of the potential impact of a breach.
The security of this network is no small task especially since more and more news is coming out regarding network attacks and network breaches, and this is just what you hear about, there is also a great deal of attacks that you never hear about. Then add to this level of risk a huge variety of devices that attach to the network under the umbrella of IoT. These new connectivity requirements increase the risk geometrically because of the access to the network provided by these devices along with the unknown risk of the level of security developed within the connected device to protect from hacking attacks. The simple reality of these connected devices is that many of them simply provide open access, assuming that the network to which they are attached is either secured or takes into account the open nature of the connected devices and segregates them to to secured network node. Either way, the security of the network always falls to the owner of the network and these connection and vulnerability opportunities must continuously be reviewed and addressed.
Security is another continuous support activity that must be taken into account and planned for the protection of the network and most importantly business and consumer information assets. There are continuous probes for weakness against the network that must be taken into account and these probes lead to assaults on the network. As the network becomes more open from activity such as consumer and supply chain partner collaboration, eCommerce (B2B and B2C), IoT devices and the blockchain the volume and types of risks and vulnerabilities also increases and builds on each other. These must all be taken into account with a network security strategy and this strategy must be continuously be reviewed in order to identify and plan for new risks and vulnerabilities.
The point is that you cannot block all network access from the outside to secure the network and nor should you want to because this only brings a false sense of security that leaves you open to attacks, even if you wanted to your network would still be open to vulnerabilities from email attacks. The point is that you must understand the risk and embrace the tools and practices to protect you from the vulnerabilities and attacks that these tools bring.
No comments:
Post a Comment