Edge Computing Set to Push Security to the Brink

In the coming years, the requirement for real-time data processing and analysis will drive organizations to adopt edge computing in order to reduce latency and increase connectivity between devices – but adopters will inadvertently bring about a renaissance of neglected security issues. Poorly secured edge computing environments will create multiple points of failure, and a lack of security oversight will enable attackers to significantly disrupt operations.

Organizations in industries such as manufacturing, utilities, or those using IoT and robotics will be dependent upon edge computing to connect their ever-expanding technical infrastructure. However, many will not have the visibility, security or analysis capabilities that have previously been associated with cloud service providers – information risks will be transferred firmly back within the purview of the organization. Attackers will exploit security blind spots, targeting devices on the periphery of the network environment. Operational capabilities will be crippled by sophisticated malware attacks, with organizations experiencing periods of significant downtime and financial damage.

Poor implementation of edge computing solutions will leave organizations open to attack. Nation states, hacking groups, hacktivists and terrorists aiming to disrupt operations will target edge computing devices, pushing security to the brink of failure and beyond.

What is the Justification for This Threat?

As the world moves into the fourth industrial revolution, the requirement for high-speed connectivity, real-time data processing and analytics will be increasingly important for business and society. With the combined IoT market size projected to reach $520 billion by 2021, the development of edge computing solutions alongside 5G networks will be required to provide near-instantaneous network speed and to underpin computational platforms close to where data is created.

The transition of processing from cloud platforms to edge computing will be a requirement for organizations demanding speed and significantly lower latency between devices. With potential use cases of edge computing ranging from real-time maintenance in vehicles, to drone surveillance in defense and mining, to health monitoring of livestock, securing this architecture will be a priority.

With edge computing solutions, security blind spots will provide attackers with an opportunity to access vital operational data and intellectual property. Moreover, organizations will be particularly susceptible to espionage and sabotage from nation states and other adversarial threats. Edge computing environments, by their nature, are decentralized and unlikely to benefit from initiatives such as security monitoring. Many devices sitting within this type of environment are also likely to have poor physical security while also operating in remote and hostile conditions. This creates challenges in terms of maintaining these devices and detecting any vulnerabilities or breaches.

Organizations that adopt edge computing will see an expansion of their threat landscape. With many organizations valuing speed and connectivity over security, the vast number of IoT devices, robotics and other technologies operating within edge computing environments will become unmanageable and hard to secure.

Edge computing will underpin critical national infrastructure (CNI) and many important services, reinforcing the necessity to secure them against a range of disruptive attacks and accidental errors. Failures in edge computing solutions will result in financial loss, regulatory fines and significant reputational damage. An inability to secure this infrastructure will be detrimental to the operational capabilities of the business as attackers compromise both physical and digital assets alike. Human lives may also be endangered, should systems in products such as drones, weaponry and vehicles be compromised.

How Should Your Organization Prepare?

Organizations that are planning to adopt edge computing should consider if this architectural approach is suitable for their requirements.

In the short term, organizations should review physical security and potential points of failure for edge computing environments in the context of operational resilience. Carry out penetration testing on edge computing environments, including hardware components. Finally, identify blind spots in security event and network management systems.

In the long term, generate a hybrid security approach that incorporates both cloud and edge computing. Create a secure architectural framework for edge computing and ensure security specialists are suitably trained to deal with edge computing-related threats.

About the author: Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of focus include strategy, information technology, cyber security and the emerging security threat landscape across both the corporate and personal environments. Previously, he was senior vice president at Gartner.

Copyright 2010 Respective Author at Infosec Island

via Infosec Island Latest Articles https://ift.tt/3fiLTRt
RSS Feed

If New feed item from http://www.infosecisland.com/rss.html, then send m


Unsubscribe from these notifications or sign in to manage your Email service.

Download IFTTT for iOS Download IFTTT for Android

Comments

Post a Comment

Popular posts from this blog

Evernote cuts staff as user growth stalls

Image
Note-taking app Evernote has fallen on hard times of late, culminating in its latest spate of job cuts impacting 15 percent of its workforce (54 employees). CEO Chris O' Neil -- an ex-Googler who took the reins in 2015 -- announced the firings at an all-hands meeting earlier today, reports TechCrunch . In a message on the Evernote blog , O' Neill admitted he'd set "incredibly aggressive goals" for the company in 2018. He continued: "Going forward, we are streamlining certain functions, like sales, so we can continue to speed up and scale others, like product development and engineering." The layoffs follow an exec exodus just weeks ago and the company's recent brand refresh (complete with a refined logo and wordmark). But critics are more concerned about its product, especially the free tier, which they claim lacks the perks to
Read more

The best air conditioner

Image
By Liam McCabe This post was done in partnership with Wirecutter . When readers choose to buy Wirecutter's independently chosen editorial picks, it may earn affiliate commissions that support its work. Read the full article here . After six summers of researching, testing, and recommending window air conditioners, we've learned that quiet and affordable ACs make most people the happiest—and we think the LG LW8016ER will fit the bill in most rooms. This 8,000 Btu unit cools as efficiently and effectively as any model with an equal Btu rating, and runs at a lower volume and deeper pitch than others at this price. Little extra features like a fresh-air vent, two-axis fan blades, and a removable drain plug help set it apart, too. The LG LW8016ER is a top choice for an office or den, and some people will find it quiet enough for a bedroom, too. If our main pic
Read more

We won't see a 'universal' vape oil cartridge anytime soon

Image
Pre-loaded cartridges of cannabis concentrate are currently among the most popular means of consumption, and for good reason. They're discreet to use and easy to handle, a far cry from the dark days of 2016 when we had to dribble hash oil or load wax into narrow-mouthed vape pens by hand. But, frustratingly, an ever increasing number of oil cartridge manufacturers employ one-off design standards so that their products won't work with those of their competitors, thereby locking customers into proprietary ecosystems. We've already seen this with nicotine vaporizers -- which has a seen a massive rise in "pod systems" in the last few years, each outfitted with a unique canister and battery built to be incompatible with those of their competition. Is it too late for the burgeoning cannabis industry to set a universal standard for their product designs?
Read more