From remote workers’ laptops on home networks to Internet of Things devices, many organizations are dealing with a growing number of devices collecting, processing and transmitting data at the network’s edge. Traditional security strategies are struggling to keep pace, and security operations centers face new challenges in protecting an ever-expanding digital perimeter.
It’s critical for SOCs to adopt leading-edge security tools and strategies to stay ahead of emerging risks. Below, 20 members of Forbes Technology Council discuss how SOC strategies must be adapted to protect a burgeoning network of edge devices.
1. Shift Security Left In The Development Life Cycle
As more edge devices enter enterprise networks, security operations need to shift left to embed security earlier in the development life cycle. Building it in from the start prevents scrambling when vulnerabilities emerge post-deployment. We must architect with an eye toward safety, not bolt it on as an afterthought. – Marc Fischer, Dogtown Media LLC
2. Avoid A ‘One Size Fits All’ Mentality
When you approach security with a “one size fits all” mentality, you’re excluding potential customers. Take generative AI products deployed on edge devices. Depending on their industries, organizations will have different security and compliance requirements that call for cloud-based, hybrid or on-premises solutions. Meet your customers where they are without forcing them into a consumption model. – Yishay Carmiel, Meaning
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
3. Integrate Continuous, Real-Time Monitoring
Organizations must adapt their SOC strategies for the influx of edge devices by integrating continuous, real-time monitoring. Edge devices expand the attack surface, making traditional measures inadequate. Look for solutions that offer comprehensive threat intelligence and monitoring, which helps you detect vulnerabilities and compromised credentials promptly, ensure robust security, and minimize risks. – Youssef Mohamed, Buguard
4. Implement An Identity-First Security Approach
Since edge devices are not protected by a clear perimeter or boundary, organizations must implement an identity-first security approach to manage machine identities at scale across hybrid multicloud environments. This involves requiring trusted nonhuman identities to securely authenticate and encrypt their communications, which is foundational for deploying zero-trust security at the edge. – Gregory Webb, AppViewX
5. Focus On All Devices
The key is to focus on all devices, not just workstations and servers. With “bring your own device” policies, the threat landscape has broadened. The key is to implement continuous validation into the SOC to enable better visibility and better telemetry. For example, enabling user ID awareness for human identities tagged to devices will help mitigate risk and reduce the mean time to response and recovery from incidents. – Ashish Khanna, Verizon Business
6. Implement Decentralized Security Protocols
Organizations need to implement decentralized security protocols to monitor and manage edge devices effectively. This involves deploying advanced threat detection and response capabilities at the edge. This step is crucial to ensure timely detection and mitigation of security threats, minimizing potential vulnerabilities in a rapidly expanding attack surface. – Sachin Parate, Twilio Inc.
7. Leverage Device Intelligence
With an influx of edge devices, validating the legitimacy of users is critical. Device intelligence enables organizations to identify potential threats, such as unusual login locations, or suspicious behavior, such as multiple login attempts, ultimately empowering them to prevent security breaches. – Dan Pinto, Fingerprint
8. Prioritize Visibility And Monitoring Throughout The Network
Organizations must prioritize visibility and monitoring throughout the network, including edge devices, which often operate outside traditional security perimeters. This makes them vulnerable entry points for cyberthreats. Ensuring visibility allows security teams to detect and respond to edge threats via monitoring tools, security automation, threat intelligence and machine learning capabilities. – Tim Reed, Lynx Software Technologies
9. Adopt Dynamic Access Control Mechanisms
Adopt dynamic access control mechanisms for edge devices, adjusting permissions based on real-time risk assessments. This involves using contextual information, such as location and behavior patterns, to grant or revoke access. This strategy is important as it provides a flexible and adaptive security posture, reducing the risk of unauthorized access and enhancing overall network security. – Jagadish Gokavarapu, Wissen Infotech
10. Follow Zero-Trust Principles
Manufacturing organizations must adopt zero-trust principles to improve their SOC strategies for edge devices. Zero trust authenticates and authorizes devices and users before allowing them to access network resources. This step is essential for safeguarding sensitive manufacturing data, operational integrity and cyberthreats in a highly interconnected world. – Ravi Soni, Amazon Web Services
11. Lean On Open-Source Automation And Analytics Solutions
Organizations need to rely more on automation and advanced analytics tools to expand their security operations center strategies and manage the increased volume of data and the distributed nature of edge devices. The best approach is to choose open-source solutions, as these tools provide more flexibility and better security. – Matthias Pfau, Tuta
12. Integrate A Unified Threat Management System
Integrating a unified threat management system that consolidates multiple security functions into a single platform is essential. This step is important because it simplifies the management of diverse edge devices and enhances the overall security posture. – Sandro Shubladze, Datamam
13. Group Devices Into Categories
Organizational skills are of utmost importance when dealing with multiple edge devices. Group devices into categories that make sense to you and your team. Review their software and the potential for intrusions, malware, Trojan horses and viral infections. Consider an isolated network for edge devices of lower importance. Above all, ensure devices are current in terms of software updates. – WaiJe Coler, InfoTracer
14. Explore P2P Secure Updates
Minimizing the time it takes to patch known vulnerabilities is an integral part of security operations strategy, and the issue takes center stage with the influx of edge computing, as it is not easy to securely distribute patches at scale to heterogeneous edge devices. Embracing the strategy of peer-to-peer secure updates is a practical solution to the problem. It helps narrow the vulnerability window without choking the network. – Pramod Konandur Prabhakar, Pelatro PLC
15. Establish Collaborative Security Frameworks With Vendors
Edge devices often come from various vendors with diverse security standards and practices. Establishing collaborative security frameworks and partnerships with these vendors ensures that devices are secure by design and receive timely updates and patches. This creates a cohesive security strategy that leverages vendor expertise and maintains a consistent security posture across all edge devices. – Cristian Randieri, Intellisystem Technologies
16. Focus On A Heuristic Monitoring Strategy
Focus on a heuristic monitoring strategy that evaluates the condition of a device based on context, contingency and correlation. The “good to go” authentication paradigms we’ve known and loved are of little value at the edge—or anywhere else—at this point. Collecting data and evaluating it to identify key conditions is likely the most productive way to understand the edge attack surface. – James Stanger, CompTIA
17. Ensure You’re Following Ethical Practices
Incorporating ethical considerations into SOC strategies for managing edge devices is paramount. Organizations must prioritize privacy protection, consent and data transparency when collecting and processing data from these devices. Ensuring fairness and accountability in algorithmic decision-making processes, especially in AI-powered security solutions, is essential for preventing bias and discrimination. – Deepak Gupta, Cars24 Financial Services
18. Prioritize Timely Patches
Due to resource limitations, edge devices often lack built-in security, making timely vulnerability patching challenging. It’s important to prioritize patching critical devices—consider network segmentation, real-time vulnerability detection, and solutions to prevent and mitigate exploits, data breaches, operational disruptions and ransomware attacks. – Neil Lampton, TIAG
19. Use Blockchain Technology To Record Interactions
Organizations should use blockchain technology to secure their edge devices. The blockchain records every interaction in a secure, unchangeable log. This is important because it ensures that all data is authentic and traceable, reducing the risk of tampering and unauthorized access and providing strong security for the increasing number of edge devices. – Margarita Simonova, ILoveMyQA
20. Embed Localized Security Analytics
Organizations need to incorporate localized security analytics into edge devices. By processing security data at the edge, they can reduce latency, enhance real-time threat detection and minimize bandwidth use. This approach is essential for managing a large number of edge devices efficiently, ensuring quick responses to security threats and maintaining robust protection across the network. – Jeremy Dodson, NextLink Labs