No, this isn't a tirade on the security of IoT. It's about story about change. Specifically, change and its implications on security.
Change is constant. There's a million different axioms and proverbs about change, so it's really hard to choose just one to sum up how it impacts security. Inarguably it does. And right now there's a lot of change going on that's impacting security.
"Micro" movement like microservices and microsegmentation are dramatically changing perimeters and breaking apart traditional "edge" security into distributed pockets of security, each architected specifically for the application or architecture it's protecting.
The nearly ubiquitous use of HTTP as the de facto application transport protocol (it's the new TCP, you know) has led to an increasing rise in the elimination of network access and an increase focus on application access, as well as more attention being paid to the security dangers inherent in the application layer.
The rise of connected things both internal and external to the data center are of course a concern; putting pressure on networking and security operations alike to adjust in rapid fashion to an increasingly complex array of connections, applications, devices, people and data.
And of course attacks are on the rise, with the DPS of a DDoS having doubled in just the past few years.
These are all changes. Some good, some bad, some inherently neutral, but all impacting security in one way or another.
Out of these interconnected and interrelated trends comes four key areas of concern: web application security, scale and capabilities of access and identity management, operationalization and DDoS protection mechanisms.
The Internet of Security Things is a quick look at change across all four of these areas and what we can do to start addressing them.
About the Author
Related Blog Posts
The everywhere attack surface: EDR in the network is no longer optional
All endpoints can become an attacker’s entry point. That’s why your network needs true endpoint detection and response (EDR), delivered by F5 and CrowdStrike.
F5 NGINX Gateway Fabric is a certified solution for Red Hat OpenShift
F5 collaborates with Red Hat to deliver a solution that combines the high-performance app delivery of F5 NGINX with Red Hat OpenShift’s enterprise Kubernetes capabilities.
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.