The Internet of Things is all around us – think of the virtual assistant in your living room or a sensor that turns on the lights when you enter an empty conference room at work. These small internet-connected devices raise the level of security threats in ways your traditional enterprise has yet to see. As you roll out more IoT devices, it’s time to add IoT threat modeling, a structured approach to identifying, quantifying, and addressing IoT security risks, to your cybersecurity strategy.
Know How Your IoT Devices Affect Other Systems
According to CSO, a common threat modeling mistake is not knowing how your IoT devices affect other systems, which makes this exercise all the more important for maintaining the security and compliance of your enterprise IoT devices. Common IoT device components that form attack surfaces and should be accounted for in your threat model include:
· Device memory;
· Device firmware;
· Physical interfaces;
· Device network services;
· Local data storage;
· Device web interface; and
· Update mechanisms.
You also need to look past the devices in your models to include:
· Access control;
· Ecosystem communications;
· Administrative interfaces;
· Cloud web interfaces;
· Vendor application programming interfaces (APIs);
· Third-party back-end APIs; and
· Mobile apps.
ThreatModeler provides an interesting IoT threat modeling example using Virgin Atlantic. The example takes the extra step of stressing the importance of including both data and devices in your IoT threat model.
Create Architecture Diagrams
Start with an architecture diagram of the IoT devices you’re rolling out. The goal of the diagram is to show the major components and trust boundaries of the IoT device, according to Denim Group. You can use standard diagramming tools to create the diagram. If you’re rolling out multiple IoT device types, look for ways to create diagram standards and templates to ensure consistency.
Creating the architecture diagram needs to become part of your standard best practices for rolling out IoT devices. It’s a task that you can, of course, assign to the IT staff rolling out the devices. It can also be assigned to technical writers and service desk staff who have the appropriate diagramming skills. Your cybersecurity team should be at the top of the reviewer’s list for these diagrams.
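As an added example, not from the original article or any vendor tool, the following Python sketch captures the diagram this section describes as code: components placed in trust zones, data flows between them, a check for flows that cross a trust boundary without protection, and a Graphviz DOT rendering so the diagram can be regenerated from the same source on every iteration. The conference-room sensor, its zones, links and weak spots are constructed assumptions; only the component names follow the article's list of surfaces.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Component:
    name: str
    zone: str   # trust zone the component lives in

@dataclass(frozen=True)
class Flow:
    src: Component
    dst: Component
    data: str        # what travels over the link, e.g. "firmware image"
    protected: bool  # True when the link is authenticated and encrypted

# Constructed sensor model: names follow the article's surface list; zones, links and weak spots are assumptions.
firmware  = Component("Device firmware", "device")
web_ui    = Component("Device web interface", "device")
updater   = Component("Update mechanism", "device")
gateway   = Component("Building network gateway", "local-network")
cloud_api = Component("Vendor API", "vendor-cloud")
mobile    = Component("Mobile app", "user")
FLOWS = [
    Flow(firmware, gateway, "occupancy telemetry", True),
    Flow(gateway, cloud_api, "occupancy telemetry", True),
    Flow(cloud_api, updater, "firmware image", False),  # assumed weak link: unsigned OTA image
    Flow(mobile, cloud_api, "admin credentials", True),
    Flow(cloud_api, web_ui, "config change", False),    # assumed weak link: plaintext local HTTP
    Flow(web_ui, firmware, "config change", False),     # unprotected, but stays inside one zone
]

def boundary_crossings(flows):
    """Flows that cross a trust boundary: the arrows a reviewer examines first."""
    return [f for f in flows if f.src.zone != f.dst.zone]

def unprotected_crossings(flows):
    """Boundary crossings with no authentication or encryption: findings for the model."""
    return [f for f in boundary_crossings(flows) if not f.protected]

def to_dot(flows):
    """Render the model as Graphviz DOT: one cluster per trust zone, dashed edge = unprotected link."""
    comps = {c for f in flows for c in (f.src, f.dst)}
    zones = {z: sorted(c.name for c in comps if c.zone == z) for z in sorted({c.zone for c in comps})}
    lines = ["digraph iot {"]
    for i, (zone, names) in enumerate(zones.items()):
        lines.append(f'  subgraph cluster_{i} {{ label="{zone}";')
        lines += [f'    "{n}";' for n in names] + ["  }"]
    for f in flows:
        style = "solid" if f.protected else "dashed"
        lines.append(f'  "{f.src.name}" -> "{f.dst.name}" [label="{f.data}", style={style}];')
    return "\n".join(lines + ["}"])
```

Keeping the model in version control alongside the generated DOT output gives each team the same diagram to review and a history of how the threat model changed between iterations.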
Make IoT Threat Modeling Iterative and Collaborative
IoT threat modeling should never be a one-and-done project. The security threats that the IoT can introduce into an enterprise demand more than that. The diagrams and other documentation you produce for your IoT devices should serve as tools for collaboration between the teams that support your IoT initiatives. Tools such as Lucidchart and Microsoft Visio Online let teams collaborate on IoT threat modeling diagrams online, so they can continuously update and revise the IoT threat models as they learn more about IoT and adapt their infrastructure and security to the new challenges these devices represent.
Smart Home Technology and the IoT Threat Models
According to Statista, the smart home market size by 2022 will be $53.5 billion. However, we’ve yet to add IoT threat modeling to “the home game” to help consumers secure their home networks against IoT-related attacks. It’s only a matter of time until some home networking or security vendor seizes on this market need and devises a subscription-based solution to improve IoT security on consumer networks.
IoT Threats and Your Enterprise
Moving to IoT threat modeling should be a cross-functional team exercise that you make part of your overall IoT development and management processes and frameworks. If your enterprise isn’t there yet, IoT threat modeling is the first step in growing your IoT security and integrating it into your overall cybersecurity strategy.