Recently, a few million web cameras infected with a small piece of malware interrupted services for PayPal, Twitter, Amazon, Netflix, and others, causing tens of millions of dollars in damage. Imagine if, instead of disrupting payments for goods and services, a compromised security forces camera were to begin monitoring flight line movements for the enemy, or to allow state actor access into critical infrastructure sustaining aerial troop support fighting ISIS.
These new cyber vulnerabilities extend beyond the non-kinetic Tactics, Techniques, and Procedures (TTPs) in place today. Over the course of the past several years, there has been an influx of point products to secure traditional assets (PCs, servers, switches, routers), as well as supportive methodologies that are deployed and operated across federal, commercial, and private enterprises around the globe. While these tools and solutions may address the traditional asset types, they do not address the recent Distributed Denial-of-Service (DDoS) attacks that utilized and compromised nontraditional Internet of Things (IoT) devices.
The first step in securing the cyber environment is to have full vision of your asset landscape. If you cannot see the devices operating on your network, it will be infinitely more difficult to secure. We at Three Wire realize that is a lot easier to say than do.
Three Wire and ForeScout Technologies are trusted partners, and believe in the importance of better understanding the true context of intent. Context is everything, and the key to thwarting the next DDoS event is to better understand the assets inside networks.
A device can only connect to the network via a switch port or a wireless port. Network owners need the ability to see devices the instant they connect to the network, without requiring software agents; to control so that each and every device or IoT on the network, along with its owner and purpose, are understood; and to orchestrate across the operational toolsets to share context and control intelligence among systems while enforcing a unified network security policy with agentless visibility and control capabilities.
That’s the key. Simple, right?
We all know that it’s not simple. But it’s possible. Accomplishing this level of security and visibility requires experts like us at Three Wire to implement a product like ForeScout CounterACT, which is currently in use across the DOD to manage and secure over 3 million devices. Unlike the traditional 802.1x or other NAC solutions, ForeScout CounterACT devices do not require that an agent or supplicant be deployed to monitor and secure the DOD’s global technology assets. The aforementioned recent attack vectors leveraged devices that have custom-developed or proprietary operating systems that cannot host a supplicant or agent. In traditional 802.1x implementations, devices such as these may be unmanaged and insecure, posing a nearly invisible risk. In many cases, IoT devices are not included as part of a DOD organization’s IT asset baseline. The 802.1x OSD mandate will assist the services to implement a “deny or allow” policy, but it will not provide the necessary granularity or persistent security to ensure that connected devices, including IoT, remain compliant to OSD polices.
Understand your needs, find a partner, like Three Wire, for the assessment and implementation, and get secure.