Disable your ad blocker to enjoy the full interactive features of this document.
The Internet of Things and cybersecurity
The number of physical devices connected to the internet is growing exponentially. For example, according to Statista, the number of Internet of Things (IoT) devices worldwide is forecast to almost double from 15.1 billion in 2020 to more than 29 billion in 2030.
Utilities are already exploiting the increasing connection of devices to introduce condition monitoring of assets and adopt predictive rather than preventative maintenance regimes.
This, says Jenkins, is a double-edged sword. From an asset monitoring and maintenance point of view, the IoT is great. From a security point of view, the attack vector for a hacker has got much bigger. “Utilities may have gone from using one data centre 30 feet under the ground in a secure location, to using cloud computing and connected edge devices on powerlines. From a cybersecurity point of view, there are many more points to attack,” he says.
With many organisations using cloud computing, the security of their cloud platform is a key consideration. Red Hat OpenShift is the industry’s leading hybrid cloud application platform. Powered by containers, it can improve the security of applications without compromising developer productivity.
Number of IoT devices estimated worldwide in 2020
Number of IoT devices forecast to be in use worldwide in 2030
What are containers, and how do they enable enhanced security? Simply, they are isolated spaces that contain everything an application needs to run, and which allow software developers to create and deploy applications much faster. As utilities increase their dependence on third-party software, developing it in a container can be more efficient.
That’s not all. Containerisation can also be more secure because software is isolated. If malicious code is introduced, it doesn’t affect other containers within the system or the underlying cloud infrastructure.
Roberts says: “Containers are allowing organisations to modernise the way they approach IT. They are a mechanism for running applications in a reliable and secure environment. In addition to security, they offer scalability and power.”
The homogeneity of a cloud container platform is an important factor in its security. “CNI organisations don’t want to have to secure 15 types of operating system across 11 different types of router, with 75 types of load balancers – they can do it on one coherent platform,” Roberts explains.
“With OpenShift we are giving developers guard rails. We’ve thought about role-based access control; we’ve thought about storage buckets and the different layers.
“That leaves developers to do what developers are good at, which is to develop code.”
“The paradox is that people are desperate to keep things steady, while simultaneously challenging themselves to be innovative.”
Mark Roberts, principal solution architect, Red Hat
Why there’s no such thing as perfect
“At Red Hat we don’t say we provide totally secure computing – we help you do computer security,” adds Jenkins. “I will never say there is zero vulnerability, because I know as a security person there is no such thing. You may have a zero-trust architecture for verifying every user device and each system authentication and authorisation, but when it comes to people and processes you will never have zero security issues within a solution or an organisation. That’s just the pragmatic approach.”
There is a balance to be struck between innovation, speed and security, Roberts adds. “The paradox is that people are desperate to keep things steady, while simultaneously challenging themselves to be innovative, bring in new capabilities, and grab market share.”
There is also a contradiction between the desire to use the latest tech but also tech that has been battle-tested in the field, he concludes.
“For Red Hat, balancing these competing demands is all part of the job.”
“Utilities may have gone from using one data centre 30 feet under the ground in a secure location, to using cloud computing and connected edge devices on powerlines. From a cybersecurity point of view, there are many more points to attack.”
Chris Jenkins, principal chief architect, Red Hat
in association with
