In the context of digital transformation, what are 7 habits of trustworthy devices and the 5 pillars of device protection?
The digital transformation of traditional original equipment manufacturer (OEM) offerings requires hardening connected and edge devices with a horizontal platform that provides a single pane of glass for operations technology (OT) security.
Deploying greenfield devices in traditional network silos alongside legacy brownfield devices in OT environments introduces major risks and exposes a huge attack surface for cyber warfare.
The imminent threats posed by the cybercrime syndicate and nation-state actors targeting critical infrastructure and unprotected devices warrant establishing a trust chain for supply chain risk management. This should be a collaborative effort between OEMs, brand name device vendors and managed security service providers (MSSPs).
The primary goal of digital transformation should be to manufacture devices at scale for supply chain risk management and operational resilience with visibility and control for tamper-resistance, anti-cloning and condition-based monitoring. The transformation must begin at the device. The passage to digital transformation requires all stakeholders to recognize the following realisms:
With this as the context for digital transformation, the seven habits of highly trustworthy devices include:
Device protection is based on five pillars of risk: device identification, device authentication, key protection, data protection and operational trustworthiness. Implementing risk countermeasures in trustworthy devices will far outweigh the cost of innovation for key players in the IoT ecosystem.
Transforming device management with applied data sciences and subscription-based cloud services offers key revenue drivers and a return on investment for rapidly emerging IoT segments, such as smart buildings, smart factories, smart cities and smart energy.
Within the next two years, emerging 5G and secure element-enabled services (e.g., TPM, SIM) will lead to a proliferation of heterogeneous connected and edge devices in traditional enterprise-managed ecosystems. That will present new challenges in OT/IT convergence and integration with cloud platform providers without vendor lock-in.