Who can take responsibility for the security of billions of IoT devices?

The term “Internet of Things” has been around for nearly two decades, but we still face the same problem: “Who is responsible for ensuring the security of billions of IoT devices?” Given the recent market developments, you think we have figured out This problem is actually not that simple.

While IoT security has been a hot topic of discussion, it has become more important and challenging than ever. First, the era in which the operational technology (OT) department is fully responsible for protecting the security of the Internet of Things has passed. Previously, they physically separated production operations and industrial networks from corporate networks and the Internet, often adopting the practice of “security through concealment”. While companies realize the need to integrate IT with OT to support new usage scenarios, support open data flows between networks and applications, support better business decisions, reduce costs, and reduce complexity, IT practices and OT A new attack surface emerged from the gaps in practice.

Second, cybercriminals are increasingly exposed to these precarious attacks to find the Internet of Things. Studies have shown that DDoS (Distributed Denial of Service) launched by the Internet of Things (IoT) device becomes the main body of the Internet of Things botnet. For example, the Mirai botnet infects thousands of IoT devices, allowing them to collaborate on large-scale cyber attacks.

Third, when it comes to IoT security, each vertical area is different, some have critical or mission-critical infrastructure, and there are different regulations. For example, in the utility industry, the US government recently ordered the adoption of the fifth edition of the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) as a cybersecurity standard, and the healthcare industry requires compliance with the Health Insurance Portability and Accountability Act. (HIPPA) to ensure data data security.

While global enterprise IT, chief information security officers, and governments play a central role in IoT security, there is a consensus around a core set of requirements that meet key requirements for security, data protection, and privacy. This is everyone, Especially the responsibility of the industry.

Device vendors and security vendors are important to the IoT ecosystem. However, equipment manufacturers have not made great efforts to improve security because it adds cost, complexity and time to market. Given the obvious missteps of many vendors' security practices, such as putting default names and passwords into devices, consumer-grade IoT devices are very easy to take.

However, after a series of high-profile consumer-grade IoT attacks in 2016, not only did governments consider regulatory, but more equipment manufacturers finally began to invest appropriately in IoT security. These vendors take a two-pronged approach: protecting devices from the network and vice versa. For example, vendors can now add an extra layer of security to devices by using the IETF MUD standard, allowing them to "tell" the network what access rights the device requires. This allows the network to reject any abnormal requests from the device.

At the same time, industrial IoT vendors are working together to establish standards, interoperability and certification for IoT security. For example, manufacturing standards bodies such as ODVA, OPC, and ISA strive to be consistent with IEC 62443 in terms of security. These standards combine a higher level of horizontal practices for specific vertical industry best practices with common elements such as industrial security. In addition, organizations such as the IETF, the Industrial Internet Consortium (IIC) Security Working Group, and the IEEE have been actively developing IoT security frameworks, standards, and methods to ensure network security for interconnected IoT systems of different brands, models, and types. This will help companies reduce risk when developing and deploying IoT solutions.

The IoT environment is more distributed, more heterogeneous, more complex, and often much larger than traditional IT environments, and its unique challenges make the work of all parties more complex. This brings us to the next line of defense for IoT security: the company.

As vendors struggle to address the security challenges of the Internet of Things and actively adopt interoperability standards, companies in all industries must do their utmost to protect the Internet of Things and prevent potentially catastrophic cyber attacks. Key tactics include an in-depth understanding of enterprise networks, network endpoints, IoT devices, and cloud infrastructure. To do this, consider the following tools and best practices:

1. Inventory devices and systems connected to the network

Security teams typically only use snapshot views or obsolete lists that manage devices as a reference. Try to automate the process of discovering devices, know exactly which operating systems are running, quickly patch them, and fix known security vulnerabilities. In addition, a centralized platform that integrates all IoT projects provides visibility (and security) to gain new value from data shared between different systems.

2. Real-time monitoring and leak path detection

Focus on this type of solution: closely monitor network traffic, detect attackers, and track how IoT devices interact with the network and other devices. If the IoT device is scanning another device, or if the originally stable traffic pattern changes, this is likely to indicate a malicious activity. For example, if the HVAC system is in contact with a point-of-sale (POS) system, or if the POS suddenly sends data to the cloud, you can quickly mark it and disable the activity.

3. Implement network segmentation and role-based access control

Ensure that only authorized people, machines, or processes can access certain categories of devices or data streams. There is no reason to allow HVAC to contact the POS. In order to prevent this connection, these systems are isolated on different network segments. Remember to periodically review the segmentation strategy and periodic test results.

4. Train employees to create a culture of safety awareness

Your employees (no matter what role) should be the first line of defense against countless threats. Like the Internet of Things itself, security education is never “once and for all”. Another problem facing IT and the Internet of Things is that 60% of security threats come from within. A quarter of these security threats are unintentional: from clicking on a link in a phishing email to accidentally opening a door to someone who is not wearing a badge. To reiterate, ensuring the security of the Internet of Things is a matter for everyone.

While these best practices help protect the Internet of Things, it is ultimately up to companies to adopt a comprehensive, policy-based approach to IoT security that integrates data security, device security, and physical security. This will support the new IoT use and provide customers with a single point of responsibility. With billions of new devices coming online every year, network perimeters or "security through stealth" mechanisms have failed to secure IoT systems. If we want to get the full benefits of a networked system, everyone has to do something.

So, what is your role in ensuring the security of the Internet of Things?

LCD Power Meter Socket

Power Meter is a monitoring and testing instrument which determines the power consumption of a connected appliance and the cost of the electricity consumed.
Built-in 3.6V rechargeable Batteries ( . The purpose of the batteries is to store the total electricity and memory setting
Resetting
If an abnormal display appears or the buttons produce no response, the instrument must be reset. To do this,
press the RESET button.
Display Mode
Entire LCD can be displayed for about 1 minute and then it automatically gets into Model. To transfer from
one mode to the other, press the FUNCTION button.
Mode 1: Time/Watt/Cost Display Display duration(how long) this device connect to power source.LCD on first line shows 0:00 with first two figures mean minutes(2 figures will occur while occur at 10 min) and the rest shows seconds. After 60mins, it displays 0:00 again with first two numbers meas hour(2 figures will occur at 10hours)and the rest shows minutes. The rest can be done in the same manner which means after 24 hours, it will re-caculate. LCD on second line displays current power which ranges in 0.0W 〜 9999W. LCD on third line displays the current electricity costs which ranges in O.Ocost 〜 9999cost. It will keep on O.OOcost before setting rate without other figures.
Mode 2: Time/Cumulative electrical quantity Display Display duration(how long) this device connect to power source.
LCD on first line shows 0:00 with first two figures mean minutes(2 figures will occur while occur at 10 min) and the rest shows seconds. After 60mins, it displays 0:00 again with first two numbers meas hour(2 figures will occur at 10hours)and the rest shows minutes. The rest can be done in the same manner which
means after 24 hours, it will re-caculate. LCD on second line displays current cumulative electrical quantity which ranges in 0.000KWH 〜 9999KWH without other figures. LCD on third line displays"DAY"- "1 'Will be showed on numerical part(the other three figures will be showed at carry) which means it has cumulated electrical quantity for 24hours(one day). The rest can be done in the same manner untill the maximal cumulative time of 9999 days.
Mode 3: TimeA^bltage/Frequency Display LCD on first line displays the same as Mode 1 dones. LCD on second line displays current voltage supply (v) which ranges in 0.0V 〜 9999V .LCD on third line displays current frequency (HZ) which ranges in 0.0HZ 〜 9999Hz without other figures.
Mode 4: Time/Current/Power Factor Display LCD on first line displays the same as Mode 1 dones.LCD on second line displays load current which ranges in 0.0000A 〜 9999A. LCD on third line displays current power factor which ranges in 0.00PF 〜 LOOPF without other figures.
Mode 5:Time/Minimum Power Display LCD on first line displays the same as Mode 1 dones. LCD on
second line displays the minimum power which ranges in 0.0W 〜 9999W. LCD on third line displays character of "Lo" without other figures.
Mode 6: Time/Maximal Power Display LCD on first line displays the same as Mode 1 dones. LCD on second line displays the maximal power which ranges in 0.0W 〜 9999W. LCD on third line displays character of "Hi" without other figures.
Mode 7: Time/Price Display LCD on first line displays the same as Mode 1 dones. LCD on third line displays the cost which ranges in O.OOCOST/KWH 〜 99.99COST/KWH without other figures.
Overload Display: When the power socket connects the load over 3680W, LCD on second line displays the''OVERLOAD[ with booming noise to warn the users,( 1918928,selectable choice)
Supplemental informations:
1: Except [OVERLOAD[ interface, LCD on first line display time in repitition within 24hours.
2: LCD on first line, second line or third line described in this intruction take section according to two black lines on LCD screen. Here it added for clarified purpose.
3. Mode 7 will directly occur while press down button "cost".
4. [UP"&"Down" are in no function under un-setting mode.
Setting Mode
1. Electricity price setting
After keeping COST button pressed lasting more than 3 seconds(LCD on third line display system defaults price, eg O.OOCOST/KWH ),the rendered content begins moving up and down which means that the device
has entered the setting mode. After that, press FUNCTION for swithing , then press "UP"and "DOWN" button again to set value which ranges in OO.OOCOST/KWH 〜 99.99COST/KWH. After setting all above, press COST to return to Mode7 or it will automatically return to Mode7 without any pressing after setting with data storage.

LCD Display Power Meter Socket,Power Meter Plug Outlet,Electricity Usage Monitor Socket,LCD Energy Power Meter Socket,Digital LCD Power Meter Socket

NINGBO COWELL ELECTRONICS & TECHNOLOGY CO., LTD , https://www.cowellsockets.com