Hyperconnectivity is a term to describe the interconnectedness of people, organizations and machines, and its growth will revolutionize the way people work together and create value in their day-to-day lives. Hyperconnectivity is a goal of successful digital transformation. Hyperconnectivity implies an explosion of new endpoint types, communication patterns and business relationships. The impending rollout of global 5G networks will accelerate this trend.
The concept of an enterprise endpoint is evolving to include individual workers’ established productivity platforms (laptops, PCs, mobile phones, tablets) and an emergent array of connected devices such as wearables, industrial machinery, robotics, environmental sensors and medical devices, as well as vehicles such as cars, bikes, trains, aircraft and drones.
The benefits of hyperconnectivity will be negated by the risks posed by the growing landscape of cybersecurity threats if countermeasures fall short. Concern about security incidents is regularly identified as the number one inhibitor or challenge associated with digital transformation. Regulators around the globe have also upped the pressure on businesses to protect their customers’ security and data via increasingly rigid privacy and security laws in sectors such as financial services, healthcare, transportation and public safety.
To be effective against these threats, enterprise leaders not only need to leverage automation and orchestration of infrastructure hygiene tasks, but they also need to put better capabilities to work to augment the skills of their security teams and help them defend in this more complex world. Security tools enabled with machine learning (ML) and artificial intelligence (AI) provide clarity and focus in the broader stream of alerts and events that pummel security staff. Being able to link activities and identify and prioritize risks can make teams more productive.
Given hyper connectivity’s impact, both positive and negative, the modern C-suite must expend the energy and investment – based on their specific business situation – to unlock the potential of digital transformation and hyperconnectivity to meet core business goals in the context of the complex environment of legacy investments and processes, including cybersecurity.
Digital Transformation Begets Hyperconnectivity and New Risks
Business leaders around the world are pursuing digital transformation to meet their strategic goals. 451 Research defines digital transformation as IT innovation aligned with and driven by a well-planned business strategy, with the goal of transforming how organizations serve customers, employees and partners; support continuous improvement in business operations; disrupt existing businesses and markets; and devise new businesses and business models.
Hyperconnectivity is defined as the interconnectedness of people, organizations and machines that results from digital transformation. Canadian social scientists Anabel Quan-Haase and Barry Wellman invented the term during their studies of person-to-person and person-to-machine communication in networked organizations and societies. Taken in the enterprise context, we offer it is as one of the desired outcomes of a well-defined digital transformation strategy. Most enterprise respondents in our recent Voice of the Enterprise: Digital Pulse study indicated that they are underway with digital transformation or expect to be in the next 12-24 months(Figure 1)
For those pursuing digital transformation, data security and privacy concerns are paramount (see Figure 2). As we discuss throughout this paper, taking a proactive approach to data privacy, security and cyber defense is job number one for C-level executives. The bad news is that the overall volume and sophistication of attacks is increasing at a pace that is outrunning traditional security products. The good news is that a new breed of tools and techniques to counter these threats is emerging. These tools tap the power of artificial intelligence to detect and respond to this next generation of threats and can act as a force multiplier for security teams working to secure the larger attack surface that hyperconnectivity presents.
Hyperconnectivity: Network Effects Apply to both Value and Risks
Digital transformation and hyperconnectivity are tightly related yet distinct. Hyperconnectivity is an outcome of successful digital transformation; specifically, it presents a new era of interconnectedness driven by the exponential growth of communication pathways between applications, people and machines. It portends the growing long tail of endpoints and communication channels that fall under IT’s responsibility, including Internet of Things (IoT) devices.
THE EVOLUTION OF THE ENDPOINT IN THE ENTERPRISE
Endpoints are critical because they are both the I/O and user equipment for an enterprise and its assets (human, physical, virtual or otherwise). It’s remarkable to think about how far we’ve come in the past 45 years as Moore’s law has relentlessly put more computing power into our hands and devices at lower costs. The desktop PC and workstation went through an era of consumerization that democratized these devices, resulting in a vibrant PC market.
Expected Benefits of Hyperconnectivity
Because we have drawn a straight line of cause and effect between digital transformation and hyperconnectivity, we think it is worthwhile to consider enterprise drivers and potential benefits of hyper connectedness. In our recent VotE: Digital Pulse study, we asked IT decision-makers about their expected outcomes of digital transformation (see Figure 6). We found that positively impacting customer experience, data-driven business intelligence, new digital products and services, process automation, and employee productivity were all chosen by at least 30% of the respondents.
Hyperconnectivity Business Challenges
BUSINESS PROCESS AND CULTURAL CHANGES
The changes that hyperconnectivity introduces to many companies’ current business processes represents a major non-technical challenge because the changes are far-reaching and require a reassessment of how business will be done. The potential disruption of business processes promises to elevate competitiveness, but enterprise leaders need to give a lot of thought both about what is possible and how business will be conducted in the future.
The added connectivity opens up new sales and support models such as pay-per-usage – paying based on business outcomes – and creates the capability to offer a new level of maintenance such as shipping replacement parts before they break via real-time usage tracking. While these changes represent drastic evolutions in business process and must be carefully considered, the upside potential across diverse areas such as brand enhancement, R&D, competitive differentiation and new revenue stream point to ROI that is compelling in most cases.
MANAGING OT/IT CONVERGENCE
One of the most impactful implications of IoT’s arrival is the need for OT/IT convergence. This is especially true in the industrial sector where connecting industrial machines and supply chain data for process optimization is by no means a new concept. What is new is the a) integration of these data sources into enterprise systems of record such as CRM and ERP systems b) the use of standard compute, network and storage resources.
Security and Privacy in a Hyperconnected World
The Business Need for Security
While extensive data pathways are the hallmark of hyperconnectivity and create agility, they are also more challenging to secure. Data volumes and the number of points of data accumulation are expanding, adding to the security management burden. Requirements for governance are also increasing as regulatory bodies implement more privacy-aware strictures. The combination of these forces creates complexity that’s far greater than organizations have historically had to manage.
Evolving Threat Landscape
One of the most significant factors that compounds security management complexity is the constant evolution of both the attackers and their attack methods. The sophistication of tools available for exploitation continues to grow. Attackers are improving the ways in which they monetize the spoils of their breaches, with correlation and aggregation capabilities. Attack techniques are moving from simple vulnerability exploitation to identity and privilege abuse. With hyperconnectivity expanding the connection options, attackers have more points to probe.
Countermeasures, Including AI and ML
Organizations need to move beyond the idea that simply throwing more people at the security management problem will be effective. They’re facing an enemy that already has weapons with a level of sophistication and scale that has made any countermeasure requiring manual intervention or analysis ineffective. An entrenched infosec staffing shortage has further quashed this premise.
SECURITY AND IDENTITY MANAGEMENT
The single greatest technical challenge that threatens to sink the hyperconnectivity opportunity for any given organization is risk associated with security breaches and privacy exposure that hyperconnected systems introduce. The inclusion of ‘things’ introduces many of the security challenges faced in earlier phases of the computing revolution and makes them even more complex, driven primarily by the following factors:
- Security. The highly distributed nature of most IoT solutions presents a myriad of security challenges. Intelligent systems may rely on the internet for connectivity or use cloud-based compute or storage resources. Security systems and practices must be extended to protect against data loss, service theft and increasingly sophisticated denial-of-service attacks in a scalable manner. Intelligent systems must support cohesive authentication, authorization and auditing capabilities to establish trust, govern access to resources, and ensure compliance with governmental regulations and corporate policies. And they must support strong encryption schemes to safeguard data confidentiality and protect intellectual property.
- Lack of edge computing power and real estate. Unlike smartphones, PCs, tablets or laptops, IoT devices have limitations on the amount of processing power (CPU), battery and storage available to support advanced security techniques and the ability to protect themselves from attack.
- Ill-defined perimeter. Traditional IT security has defined perimeters where access controls can manage the flow of data at specific points. When the majority of application infrastructure was on-premises, security systems and special appliances and software techniques could be placed at choke points where information flowed across the perimeter to keep bad people out. The volume and mobility associated with IoT deployments at scale require a complete rethink of security architecture. The expectation that security must come with feature/cost trade-offs needs to be eliminated in favor of environments that offer superior security with no feature compromises. As more application infrastructure has shifted to partners or other locations, the idea of a single perimeter has become outmoded. The perimeter has clearly moved to everywhere computing devices must go, including into the cloud.
- Complex identity management. Security and identity management go hand in hand. You can’t have solid security in the absence of a well-thought-out identity management system and supporting policies. To protect the device from malware or unauthorized takeover, it is crucial that only authorized software can run on the device. New devices must be discovered, authorized and credentialed efficiently. Beyond a single device, communication between devices, between a device and a user, and between a device and the cloud needs to be secured as well. Only authorized people, machines and services should be able to communicate with each other in an IoT system. Unfortunately, this responsibility is often left to enterprises to manage on their own, or device and platform makers, which implement only the most basic IDM and security features, or, in some cases, none at all.
- Significant unknowns. IoT is still in its infancy and brings together several known vulnerabilities into one place, which creates significant ‘unknowns.’ For many of the early system architects, security was an afterthought or not considered at all due to apathy, costs or a perceived lack of threats. Once systems begin to scale and connect to the internet, they will become the targets of hackers. We do not yet know the full extent of the damage that can be done to companies that suffer an IoT-related system breach, but the first wave of hacks provided us daunting clues. What we do know is that it is becoming cheaper and easier for moderately skilled hackers to wreak havoc on firms they target regardless of motivational factors, which run the gamut – having fun, making money, political protests, all the way to state-supported terrorism.
Challenges of Hyperconnectivity
ENDPOINT PROTECTION AND AI
To keep up with the evolving threat landscape, as well as the complexity and scale introduced by hyperconnectivity, enterprises increasingly require more automated approaches to threat detection, prevention and response. Techniques based largely on ML and AI have emerged to help meet this need. Endpoint detection and response (EDR) offerings, for example, have moved beyond static, rules-based detection to dynamic threat detection based on real-time analysis of telemetry collected from the endpoint. These techniques enable the detection of a broader range of threats, including zero-day malware without a known threat signature, and fileless (non-malware) attacks. At the same time, the continuous correlation of endpoint data with other available datasets, such as SIEM and firewall logs, simplifies incident response by reducing the manual effort to bring together data from disparate datasets.
PERSONA AND CONTEXTUAL SECURITY TECHNIQUES
Machine learning also enables security policies to be enforced in real time according to the context of a given situation. Persona is a user behavior analytics tool from BlackBerry Cylance that leverages machine learning to build behavioral profiles for all of an organization’s users and enforces security policies according to how suspicious a user seems. The product continuously analyzes user behavior – including typical communication patterns, system resources accessed, applications used, time and location data, login activity, and keyboard and mouse movements – to understand what normal user behavior looks like and what could be indicative of account takeover. After building its model for normal behavior, Persona generates a trust score that reflects the riskiness of current activity based on how closely it follows the profile.