With cybersecurity the top enterprise concern in edge computing, how does open source help – if at all?
According to IDC, Asia Pacific spending on edge technologies is expected to be US$43.7 billion in 2023, and spending is estimated to reach nearly $81 billion by 2027, as more organizations invest in the edge to harness its benefits, including low latency and improved efficiency for various applications.
At the same time, several security risks and challenges are associated with this technology, from data breaches to perimeter defense challenges, as the expansion of edge infrastructure presents the risk of a greater attack surface.
According to the latest The State of Edge Security Report by S&P Global Market Intelligence, commissioned by Red Hat, cybersecurity has become the top enterprise challenge in edge deployments as digitalization continues to open the attack surface.
How then can enterprises assess their current cybersecurity posture for risks from vulnerabilities and misconfigurations, and more importantly, safeguard their edge systems from being compromised?
CybersecAsia discussed some of the key challenges and findings from the report with Guna Chellappan, General Manager, Red Hat Singapore.
What is the current state of edge security today? Is APAC vulnerable to security attacks due to increased edge deployments?
Guna Chellappan (GC): Today’s global organizations are not limited by geography or borders. The same goes for their infrastructure. Organizations need to deploy applications and infrastructure wherever their business needs dictate.
Whether collecting data on a factory floor, processing payments in a retail store, or monitoring a vehicle in a defense exercise – meeting customer demands means moving data and processing from the datacenter to where business happens at the edge.
The benefits of edge are undeniable – from low latency, to improved efficiency across many different industries. APAC also has an appetite for edge technologies, with IDC estimating that edge tech spending in APAC will hit nearly $81 billion by 2027.
But moving data collection and computing from secure and physically accessible locations like a corporate data center also introduces new security risks and challenges for organizations. Devices, data, and applications go beyond the reach of the on-premise security stack, so this may open up risk areas including compromised credentials, malware and other malicious code, and DDoS attacks.
Adopting any emerging technology does come with an element of risk. But when approached with the right integrated planning mindset and expertise, the benefits of edge technology adoption far outweigh the risks.
If organizations can continuously analyze their edge environments to keep track of edge devices, this can support them in better predicting security risks, and taking recommended actions in the event of a breach.
How can organizations assess their cybersecurity posture, and specifically, their edge systems, to identify potential vulnerabilities and misconfigurations so as to not be compromised?
GC: The old adage of cybersecurity is still true here: prepare, prepare, and prepare some more. Cybersecurity is never a destination, but an ongoing exercise where technology is also as good as the people implementing and leveraging the tech.
So, organizations should continuously analyze their edge environments to keep track of edge devices – including what they are, where they are, and how they are operating. Key considerations might include but aren’t limited to:
- A user’s network access, because being offline will make it difficult to update edge devices or take away visibility of what’s happening
- Physical tampering and attacks, as edge environments can be remote, so supply chain attacks are something to bear in mind
- Managing edge devices at scale, as devices could potentially number hundreds, to hundreds of thousands
- How do we prevent human error in edge security
We have often seen that workloads deployed at the edge are often tied to a company’s core business such as retail point of sale systems, sensors on manufacturing lines, and connected medical devices in healthcare as examples. Ensuring steady operations of these key workloads, while protecting the data that is being processed becomes essential.
Most importantly, underlying all the tools and technology is how users are empowered
to use it. This requires adequate training and awareness building to secure the human and end-user layer which is the most critical when it comes to safeguarding against security threats. This is why we work with customers to take a strong, holistic security posture across the organization.
What is required for organizations to have resilient edge security infrastructure? Why is this integral to overall cyber-resilience for organizations?
GC: While there isn’t a silver-bullet technology or infrastructure for edge security, organizations should work towards designing a multi-layered and comprehensive edge security architecture internally. We recommend doing this in partnership with technology vendors across each of these categories, prioritizing those with demonstrated success, recognized certifications, and strong partnership ecosystems.
When powering your business with edge, it’s important to look at hardware and software together. Organizations may want to address the physical access challenges by protecting deployments. Then, they may want to protect the infrastructure as the architecture scales out. Lastly, we would recommend protecting workloads with a secure software supply chain. Edge security provides a way to protect against zero-day threats, malware, and other vulnerabilities at the point of access.
Designing an edge ecosystem is the first step towards scaling edge deployments and ensuring a resilient security posture that can support it. This will drive even greater long-term impact when aligned with sound edge security principles.
Tell us more about the double-edged sword of data in edge technologies. More importantly, how can organizations protect their data?
GC: Edge unlocks huge potential when it comes to data. With a constant flow of data from a device or sensor beyond the confines of a datacenter during edge deployments, this presents an opportunity for new vulnerabilities and challenges, as data captured could be exposed to cyber attackers. Data needs to be protected in motion and at rest by ensuring that data is encrypted both in transit and at rest.
At Red Hat, our approach to edge security enables organizations to deploy at the edge with a stable foundation, while managing complexity and monitoring at the edge 24×7. We look to boost security for both traditional and containerized environments.
This approach to edge and hybrid cloud security prioritizes the integration of security throughout the entire infrastructure and application stack and life cycle. Specifically, by building security into applications, deploying applications onto a hardened platform, and managing, automating, and adapting an organization’s infrastructure and applications as security and compliance requirements change.
Please share some best practices that organizations can implement for edge security.
GC: The reassuring, and maybe sobering news, is that we are all thinking about security. The State of Edge Security Report from S&P Global Market Intelligence, commissioned by Red Hat, shows that the top three security concerns were cyberattacks by malicious insiders (70%), cyberattacks from external attackers (69%) and vulnerabilities (68%).
Security readiness is the logical next step. The best practices that our security team suggests are:
- Firstly, organizations need to have a clear view of what their security risks are, and when, how, and why these risks could be exposed.
- Next, we encourage adoption of a Zero Trust model to reduce the likelihood of account misconfigurations and leaky credentials becoming a major attack point in edge environments.
- Thirdly, organizations should ensure isolation through network and access control policies that do not allow communication between edges or between cloud and edge, so that attackers cannot easily move laterally between assets. This way, incidents can be more easily contained.
- Lastly, account for security wherever needed. With more applications and deployments on the edge, it has created a need for security beyond traditional corporate perimeters, to extend toward wherever applications are running. Technologies like SD-WAN and cloud-based Secure Access Service Edge (SASE) tools will continue to play an important role in placing network and security services where they are needed most within an organization’s infrastructure.
Trust is essential to doing business. That’s why businesses work every day to secure customer data. When it comes to security, organizations may only be as good as their weakest link.
By tapping on the collective power of open source and its iterative and agile processes, we can support a greater security posture that safeguards companies, enables them to bounce back quickly in a breach scenario, and supports better customer trust.