Evolving with threats

From DevOps to FieldOps: Going beyond Secure by Design

Mike Nelson
© Shutterstock / olesia_g

In this article, Mike Nelson is the VP of IoT Security at DigiCert, discusses Secure By Design and IoT security after DevOps. The IoT needs to be Secure By Design – it’s an oft-repeated and fundamental best practice for IoT security. However – it’s not enough. Secure By Design is a necessary but insufficient step to reach the goal of a secure IoT.

Secure By Design is not enough to secure the IoT. It has become the watchword of security and IoT discourse because it addressed a fundamental problem – that manufacturers were designing, building and releasing insecure IoT devices without any form of remotely adequate security.

When security was considered – it would be tacked on afterwards but would rarely be a core part of the device design process.

Security considerations were largely absent from the development process of millions of devices. This has been one of the key reasons for the broader insecurity of this booming field of technology. As a result, Secure By Design came as an injunction for manufacturers, developers and vendors to consider cybersecurity as a key part of device development.

However, it’s only a part of IoT security. It is a necessary but insufficient cornerstone in the broader security of a technology that will soon be ubiquitous.

IoT security after DevOps

The reality is that IoT devices face threats far beyond the design stage and throughout their lifecycle. If we really want to make the IoT secure – then we have to go beyond Secure by Design.

For example, Secure By Design advocates will often underline how important it is for a device to be able to update. They’re right – there have been many devices produced which cannot update and as such can’t be made secure even after they’ve gone to market.

However, the updates themselves can pose a risk. Attackers will often disguise malware as ordinary updates in an attempt to gain control of their device. Because updates can be a key vector for attackers, IoT security solutions need to include Secure Update provisions to ensure the integrity of firmware and data on the device.

Threats evolve and devices can become vulnerable at any part of its lifecycle so IoT security has to evolve to mitigate that risk.

Dealing with Scale

One of the principal problems with IoT security is the sheer scale over which these devices will be used. Those deployments will commonly involve hundreds, thousands or potentially millions of devices.

Managing that sprawl of devices can prove immensely difficult and is often riddled with errors: certificates often expire without the security team’s knowledge, updates can fail and Zero Days can emerge. If defenders can’t spot and respond to those errors, then attackers will use those devices as vectors to gain broader access to a network.

An attacker might only have to breach one device to get a foothold into a network, but a defender has to watch the multitude. Given the scale of many IoT deployments, that can be near-impossible to do manually and risks falling victim to any number of security risks.

Thus, when dealing with scale it’s incredibly important for defenders to have the right tools for flexibility and transparency, including the ability to revoke and renew certificates, update devices, send patches and ultimately, mitigate vulnerability.

Diversity of environments

Protection is further complicated by the sheer array of environments in which IoT devices will be used. Each comes with their own specific risks, needs and considerations and IoT security has to accommodate them all.

Many consumer devices will become part of the home network – such as connected doorbells, home assistants, kitchen appliances and even some connected vehicles. Others will be used in enterprises and incorporated into pre-existing corporate networks and their specific security controls. Medical devices in hospitals and manufacturing lines in industrial IoT will be considered safety critical and are often isolated from the open internet, creating different security needs.

It’s the diversity of these specific factors which IoT security must address. Solutions need the flexibility to work across the diversity of environments that IoT will be used in.

Protecting devices in the field

When it comes to protecting the IoT, we’re confronted with the challenges of managing potentially millions of individual devices and the specific requirements of the environments in which they will be used.

The critical requirement here is to have the granular control and visibility over individual devices that allows you to treat problems at their root. When IoT security problems arise in these sizable IoT deployments, you need the transparency to see the problem; the traceability to follow it back to its root and the control mechanisms to stop that incident at the device level.

For example, if one certificate expires amongst a huge deployment. Then it will have to be tracked down to its source so the certificate can be revoked and then renewed.

That starts with each device being provisioned with a digital identity that is secured by a certificate. That allows each device to be identified, authenticated and managed centrally, thus permitting the transparency, traceability and control needed to secure IoT devices throughout their lifecycle.

Automation will be key to achieving this as many IoT networks are far too large to police manually. Automating IoT security processes will ensure that enterprises can confidently take advantage of IoT benefits, while safeguarding themselves against the pitfalls of these multiporous and complex deployments.

IoT security needs to evolve with threats

Secure by Design is critical to IoT security. However, threats can arise at any time in a device’s lifecycle. To mitigate those risks, IoT security has to ensure granular device visibility and control, and automating to the greatest extent possible. Good security is security that is flexible, can scale and evolve as risks change. That’s why IoT security has to go from DevOps all the way to FieldOps.


Mike Nelson

Mike Nelson is the VP of IoT Security at DigiCert, a leader in digital security. In this role, Mike oversees the company’s strategic IoT market development for critical infrastructure industries. Mike frequently consults with organizations, contributes to media reports, and speaks at industry conferences about how technology can be used to improve cybersecurity for connected systems.

Before DigiCert, Mike spent his career in healthcare IT including time at the US Department of Health and Human Services, GE Healthcare, and Leavitt Partners. Mike’s passion for the industry stems from his personal experience as a type 1 diabetic and his use of connected technology in his treatment.

Inline Feedbacks
View all comments