How Lessons Learned From Over A Century Ago Can Help Us Secure Today’s IoT Devices

Forbes Technology Council

As President and CEO of Ordr, Greg is responsible for the overall vision and strategy of the enterprise IoT security company.

R.M.S. Titanic was a marvel of modern engineering. The luxury liner was built with the latest technologies and amenities of its time. It was to set the new standard for watertight integrity — a design that would minimize the effects of a breach by containing water in a confined space. In the unlikely event of a collision at sea, the Titanic’s watertight integrity would keep the ship from taking on too much water, enabling it to reach port safely.

Titanic’s safety systems should have kept the ship afloat even after striking an iceberg. They didn’t, and subsequent analysis of the Titanic disaster concluded that — among a multitude of causes including poor visibility, faulty construction and inadequate controls — the major contributing factor was a failure to implement effective watertight integrity. Automatic hatches to contain flooding were designed with gaps along the top — they were "like a jar without a lid." As the ship took on water and pitched forward, that water poured over from compartment to compartment, ultimately leading to its demise.

Over a century later, the Titanic disaster is an enduring cautionary tale of the cost of improper application of an otherwise solid plan. Among other things, its lessons continue to influence and inform modern-day safety and design — even IT operations management and security.

Drawing on the past for a secure (digital) future

Today’s infrastructures are a complex amalgam of hardware and software, each with a purpose related to running the network and applications that support the business. There are servers and storage, operational technology (OT), applications and devices, and a host of other equipment connected to it all.

Too often, however, things spin out of control. For instance, if unsecured devices connect to a VLAN shared with critical systems, a breach can quickly escalate. Under these conditions, a compromised HVAC controller might put protected financial information or medical system operations at risk.

With Titanic’s fatal flaws in mind, we can identify four patterns of risk when managing and securing IT operations:

1. It only takes a single breach: Titanic was a much-anticipated marvel of modern engineering and the largest ship ever built at that time. The enormous size meant that, under the stress of a high-speed collision in the cold waters of the North Atlantic, the steel hull and iron rivets became brittle. As compartments flooded, the failure was catastrophic.

Similarly, today’s enterprise networks are segmented into multiple VLANs, with the idea that devices in one VLAN can be protected from incidents in another. The problem is that many of these VLANs are massive, with tens of thousands of commingled devices — many of which are unsecured or unmanaged or contain unknown weak points. When one is breached, others become vulnerable, and under the stress of an attack, these weaknesses can threaten the entire network.

2. Lack of visibility can be detrimental: A combination of distorted visibility at sea and an inability to know the status of hatches and safety features sealed Titanic’s doom. The crew didn’t see the iceberg until it was too late, and once the hull was breached, they couldn’t react fast enough.

Similarly, devices that connect to a network outside IT’s view and appear nowhere in its asset inventory create risk. Because networks grow and change state quickly, with devices connecting and disconnecting and applications and compute instances turning on and off as users need them, it is vital to see the entire network in real time: which devices are connected and how they communicate.

3. Ensure proactive control measures: On a ship so large and complex, it was impossible to know the status of and properly operate all the safety features, including automatic, electronic and manual hatches.

In enterprise IT, devices that end up in the wrong network segment — like a network-connected vending machine operating on the same segment as a surgical robot — may prevent timely response and effective mitigation. With proper design and implementation, vulnerable segments can be isolated, limiting the spread of an attack.

4. Expect unanticipated behavior: The size and scale of Titanic — and the scope of the ship’s innovations — was unknown and unfamiliar to even its experienced captain and seasoned crew. And there was little time for proper inspection and safety training.

In a complex, modern network that has grown indiscriminately, IT management can’t tell normal device behavior from that which is at risk or compromised. Without that knowledge, effective policies cannot be written or executed. Instead of locking segments down when something goes wrong, IT leaves them exposed rather than risk interfering with their business or critical function.

Following the Titanic disaster, the ideal of designing for watertight integrity wasn’t abandoned; it was updated to account for the needs and capabilities of modern design. In IT, the concept of microsegmentation — creating security zones at the device level — is the right approach, and it must be extended to IoT security.

Automation that can discover and categorize each device connected to the network is required to understand device function and behavior and to devise an effective segmentation policy. Maintaining technical watertight integrity requires that IoT devices be allowed to perform only sanctioned communication flows and be isolated based on purpose and risk profile. Automation eliminates human error, leading to better operational processes for handling IoT device adds, moves and changes.
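The policy the two paragraphs above describe can be expressed in a few lines. The following is an added example, not code from the article or from Ordr: it keeps a device inventory categorized by purpose and risk, allows only the communication flows sanctioned for each purpose, and flags segments where devices of different purpose and risk are commingled (the vending machine beside the surgical robot). Every IP address, device name, profile, port and flow record in it is constructed for the example.

```python
"""Microsegmentation policy check for IoT devices (added example; inventory,
profiles, ports and flow records are all constructed, not from a real network)."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Device:
    ip: str
    name: str
    profile: str   # device purpose, e.g. "hvac", "vending", "surgical_robot"
    risk: str      # "low", "medium" or "high" (assumed three-tier scale)
    vlan: int      # network segment the device currently sits on (0 = external)


# Constructed asset inventory; anything not listed here is treated as unmanaged.
INVENTORY = {
    "10.10.1.20": Device("10.10.1.20", "hvac-ctrl-01", "hvac", "medium", 10),
    "10.10.1.50": Device("10.10.1.50", "bms-srv-01", "bms_server", "medium", 10),
    "10.20.5.7": Device("10.20.5.7", "vending-lobby", "vending", "low", 20),
    "10.20.5.9": Device("10.20.5.9", "surgical-robot-a", "surgical_robot", "high", 20),
    "10.30.0.5": Device("10.30.0.5", "pacs-srv-01", "pacs_server", "high", 30),
    "10.30.0.6": Device("10.30.0.6", "fin-db-01", "finance_db", "high", 30),
    "203.0.113.10": Device("203.0.113.10", "vendor-cloud", "vendor_cloud", "low", 0),
}

# Sanctioned flows per source profile: set of (destination profile, port, proto).
# Port numbers are illustrative (BACnet/IP 47808, DICOM 104, HTTPS 443).
# Profiles with an empty set initiate no flows of their own.
POLICY = {
    "hvac": {("bms_server", 47808, "udp")},
    "vending": {("vendor_cloud", 443, "tcp")},
    "surgical_robot": {("pacs_server", 104, "tcp")},
    "bms_server": set(),
    "pacs_server": set(),
    "finance_db": set(),
    "vendor_cloud": set(),
}

# Constructed flow records, e.g. from NetFlow/IPFIX or a switch span port.
SAMPLE_FLOWS = [
    {"src": "10.10.1.20", "dst": "10.10.1.50", "dport": 47808, "proto": "udp"},
    {"src": "10.20.5.7", "dst": "203.0.113.10", "dport": 443, "proto": "tcp"},
    {"src": "10.20.5.7", "dst": "10.20.5.9", "dport": 22, "proto": "tcp"},
    {"src": "10.10.1.20", "dst": "10.30.0.6", "dport": 1433, "proto": "tcp"},
    {"src": "10.20.5.99", "dst": "10.30.0.5", "dport": 104, "proto": "tcp"},
    {"src": "10.20.5.9", "dst": "10.30.0.5", "dport": 104, "proto": "tcp"},
]


def lookup(ip):
    """Return the inventory record, or a high-risk placeholder for an unmanaged device."""
    return INVENTORY.get(ip) or Device(ip, "unmanaged", "unknown", "high", -1)


def evaluate_flow(flow):
    """Allow a flow only when both endpoints are inventoried and the policy
    sanctions (destination profile, port, proto) for the source's profile."""
    src, dst = lookup(flow["src"]), lookup(flow["dst"])
    if src.profile == "unknown":
        return ("deny", f"{src.ip}: unmanaged source device")
    if dst.profile == "unknown":
        return ("deny", f"{src.name} -> {dst.ip}: unmanaged destination")
    key = (dst.profile, flow["dport"], flow["proto"])
    if key in POLICY.get(src.profile, set()):
        return ("allow", f"{src.name} -> {dst.name}:{flow['dport']}/{flow['proto']}")
    return ("deny", f"{src.name} ({src.profile}) -> {dst.name} ({dst.profile}) "
                    f"port {flow['dport']}/{flow['proto']} not sanctioned")


def audit_flows(flows):
    """Return the reason string for every flow that the policy denies."""
    return [reason for verdict, reason in map(evaluate_flow, flows) if verdict == "deny"]


def segment_violations(inventory):
    """Map each VLAN that mixes devices of different purpose AND different
    risk tier to the sorted list of profiles sharing it."""
    by_vlan = defaultdict(list)
    for dev in inventory.values():
        if dev.vlan > 0:
            by_vlan[dev.vlan].append(dev)
    return {
        vlan: sorted({d.profile for d in devs})
        for vlan, devs in by_vlan.items()
        if len({d.profile for d in devs}) > 1 and len({d.risk for d in devs}) > 1
    }


if __name__ == "__main__":
    for reason in audit_flows(SAMPLE_FLOWS):
        print("DENY", reason)
    print("commingled segments:", segment_violations(INVENTORY))
```

The deny list is what a segmentation controller would act on (block the flow, quarantine the unmanaged source) and what a SOC would alert on; the segment report is the input for the "adds, moves and changes" process, since a device landing on the wrong VLAN shows up there before it ever generates a bad flow.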

We face a titanic challenge of securing the 18 billion devices expected to be in service by 2022. While there is no “one size fits all” in IT management and security, the proliferation of technologies like IoT renders the old rules-based approach to management and security ineffective and even counterproductive. But with the right segmentation approach — visibility, behavioral analytics and automation — we will be best positioned to avoid an unfortunate encounter with a proverbial iceberg.



