It’s now been 5 years since the first release of the NIST Cybersecurity Framework. Originally aimed at operators of critical infrastructure, the framework has been updated to also support the needs of private sector organizations in the U.S., primarily to help them assess and improve their ability to prevent, detect and respond to cyber attacks.
Use of the framework extends far beyond the United States, however, as there have already been more than half a million downloads from interested parties in more than 30 countries. NIST’s practical guidance is used by a wide range of businesses and organization that want to be proactive about risk management.
But businesses aren’t the only ones who can benefit from observing the framework’s best practices. Device and equipment manufacturers, too, can benefit from designing their products with inherent features that dovetail with the proactive approach to cybersecurity. This is especially true for device manufacturers in the burgeoning Internet of Things (IoT) space. With millions – billions, even – of new IoT devices expected to connect to the Internet in the years ahead, they mustbe designed with the inherent ability to protect themselves and fend off cyber attacks. If devices lack such features, they will ultimately be rejected by the businesses and agencies that want products that help them adhere to the cybersecurity framework’s best practices.
In fact, U.S. law might soon require stronger security in IoT devices…
A new bill was just introduced into the U.S. Congress that would require that devices purchased by the U.S. government meet a certain level of security requirements. Specifically, the Internet of Things (IoT) Cybersecurity Improvement Act of 2019 would:
Similar to the guidelines and proposed legislation in the U.S., ENISA, the European Union Agency for Network and Information Security, has published the Baseline Security Recommendations for IoT in the context of Critical Information Infrastructures. The aim of this work is to provide insight into the security requirements of IoT, mapping critical assets and relevant threats, assessing possible attacks and identifying potential good practices and security measures to apply in order to protect IoT systems. Among the recommendations are:
The current NIST framework covers very well how manufacturers can design products securely. Cybeats is a technology partner that can support manufacturers’ security efforts at every point of the security cycle.
Cybeats protects IoT devices throughout their lifecycle by taking a unique “inside out” approach to cybersecurity. Our software is embedded into the devices as a non-intrusive micro-agent to provide continuous protection, allowing devices to instantly detect even the most sophisticated threats, block them to prevent harm, and gather intelligence to help neutralize the threats. Then when the manufacturer updates the firmware to eliminate vulnerabilities, Cybeats automates firmware distribution to all devices in the field to restore a secure posture. This process follows the best practices of the NIST Cybersecurity Framework in the following ways:
"Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities."
With the Cybeats micro-agent embedded in an IoT device, we are able to discover the assets of the device and the dependencies they have on external software libraries. Cybeats can determine if the device has any initial vulnerabilities before the product ships, which ensures the manufacturer sends a “clean” product to market.
"Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services."
Cybeats develops a profile of the device in its healthy state to provide a benchmark against which future states can be compared. In this way, we can detect even minor variations from the profile the device shouldhave. In addition, Cybeats continuously monitors for reports of vulnerabilities in the third-party software.
"Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event."
Cybeats can immediately detect any variations in the device profile and notify the manufacturer as well as the end users of the device.
"Develop and implement the appropriate activities to take action regarding a detected cybersecurity event."
If suspicious activity on the device is detected, Cybeats can immediately neutralize the threat to prevent harm. Further, we facilitate the distribution of firmware updates to every affected device and keep all devices updated proactively. The process doesn’t depend on end users retrieving an update for themselves; Cybeats pushes all updates to them.
"Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event."
Cybeats helps the affected systems recover from a breach without having to disconnect from the Internet by blocking the threat until a firmware update can be implemented. Thus, there is no downtime and operations can proceed as usual.
The NIST Cybersecurity Framework is embraced around the world by all types of organizations as the model for best practices to assess and improve their ability to prevent, detect, and respond to cyber attacks. Device manufacturers need to embrace the same model and implement the practices that will help their customers adhere to the NIST framework. By design, Cybeats can help IoT device manufacturers achieve this goal.