How can businesses leverage their platforms to securely operate in a broader digital ecosystem?
With the evolution of the IoT and digital industry ecosystems, platform-based businesses will capture more of the digital economy’s opportunities for growth and profitability. Machine-to-machine communications and advanced analytics will leverage digital platforms. Intelligent Enterprises will benefit from the influx of shared, crossindustry data. And advances in processing power, data science and cognitive technology will help businesses prepare for the growing wave of complex cyber-attacks. To take full advantage of these platform capabilities, businesses must increase their focus not only on security, but also on leveraging the platform to augment existing security intelligence. It is critical to understand the potential for misuse of data and functionality on platforms, and to realize they give an adversary more motivation for mayhem. Having greater insight into how edge and core IT devices are behaving can also help businesses protect against increasingly complex and subtle threats.
Understand physical security risks Leveraging a digital platform to make decisions and influence the function of a business’ products and services introduces a high-value target for an adversary. Since these platforms provide insights into the functionality of numerous digital devices and equipment across the business, as well as some degree of command and control over them, the possibility of cyber-physical attacks increases. The consequences of these attacks can range from inconvenient to life threatening. Take connected car services as an example. Recently BMW’s ConnectedDrive system experienced a vulnerability that enabled 2.2 million cars to be unlocked remotely—an open-door invitation to car thieves.13 As the functionality of connected car services improves to include things like engine optimization based on individual driving habits, the risk for abuse of these capabilities increases with the potential for severe physical outcomes. To mitigate these types of intensified physical security risks, businesses should regularly evaluate all of their business platforms for vulnerabilities and monitor them for irregular behavior, apply threat modeling to understand what is possible to accomplish within the platforms, and leverage threat intelligence to understand when adversaries are motivated to accomplish those possibilities. In addition, as new cross-industry digital platforms emerge, businesses can analyze behaviors across these platforms to further mitigate risk or reduce time to detect new threats. Evolve data security intelligently Since businesses are beginning to aggregate data from industrial, operations, management, information technology and security systems into one ecosystem, they must apply new security capabilities to protect company assets. This is especially important in the IoT era. As described earlier, businesses must proactively work to identify security threats within the data being collected from devices. One solution comes from GE’s Predix platform, which collates data from intelligent industrial systems and identifies issues that may necessitate maintenance. Businesses can further leverage the platform’s analytics to identify unusual changes in customer behavior and detect performance changes that may be technology threats. Plan security into the platform Securing digital platforms begins before development work even starts. Businesses can reduce risk by collaborating with potential ecosystem partners to brainstorm possible security challenges across and beyond their industry. Businesses should also identify what types of security-related data the platform can gather, as well as ways the platform can be leveraged to monitor edge and core devices for abnormal activity
Similarly, it is important to look at all available enterprise data, not just what is stored in security products. Determining the value of these data sets could provide insight into where more complex threat activity might originate. For example, business process activity, which normally is monitored outside the scope of security, may be leveraged within data processes to identify behaviors that adversaries could exploit in an attack. Businesses should employ techniques for more subtle evaluation of internal activity, centralize the data into a common platform, and utilize data visualization to understand specific behaviors and quickly pinpoint outliers. Finally, businesses looking to utilize technology and data platforms to operate in the digital business era must emphasize the importance of customer trust. Platform breaches will erode customers’ trust in the safety and reliability of a company’s products and services; data breaches resulting in compromised customer privacy have an equally negative impact. Businesses should proactively embed security and privacy controls into their platforms as a core function, and not rely on best practices or compliance regulation to set the bar. Utilize existing platforms to augment security intelligence The US government has recognized the value of cross-industry collaboration for cyber security in its recent formation of the Cyber Threat Intelligence Integration Center (CTIIC). According to Lisa Monaco, Assistant to the President for Homeland Security and Counterterrorism, prior to the CTIIC there was no single government entity responsible for assessing and sharing cybersecurity threat information, nor for supporting policy makers with timely information. Monaco said, “To truly safeguard Americans online and enhance the security of what has become a vast cyber ecosystem, we are going to have to work in lock-step with the private sector. The private sector cannot and should not rely on the government to solve all of its cyber-security problems. At the same time, I want to emphasize that the government won’t leave the private sector to fend for itself.”14 Similar initiatives are forming in the UK and other geographies that will have enterprises defining the models that work for them.
As digital platforms continue to capture new data and offer innovative ways to catalyze growth, they can also be used to increase security effectiveness. The digital platform can contain a wealth of information—from normal machine-to-machine behavior to standard operating conditions of edge devices. Ideally, businesses should select platforms that provide cyber-threat assessment indicators and share timely information to prevent systemic attacks.
Security DevOps As businesses develop applications on top of these platforms, they are rapidly shifting towards an agile development model termed DevOps.15 Within DevOps, where application development embraces the agility of automation and short sprints to implement new features and fix defects rapidly, there is a disruption to the normal approaches that security uses to identify and mitigate risk within applications. Traditional approaches typically involve a great deal of planning and design, activities that are humanintensive in execution and require final sign-off prior to release of an application. Activities such as code scanning will need to change to be more iterative and automated, leveraging technologies such as Cenzic and Qualys to assess vulnerabilities and risks as the application is developed. DevOps greatly speeds how quickly a digital business can develop and deploy applications, as well as incorporate new features into the services they offer. Security should be baked in from the start and embedded into how the DevOps process functions. To accomplish this, security needs to be low impact to the process, automated to a high degree and intelligent enough to guide developers in understanding risk as they make changes to the application. Conclusion Platform security is a vital capability to operating in the digital ecosystem. In order to thrive, businesses must understand the potential cyber-physical risks of delivering platform-based services and augment existing security efforts with digital platform intelligence. Accenture recommends combining operational and security information across the enterprise—and across platforms—to help businesses respond effectively to the rapidly changing cyber landscape.