Network Approach for Analyzing IoT Devices' Network Activities (NIST IR 8349)

In the ever-evolving landscape of Small and Medium Enterprises (SMEs), network transparency has become a crucial cornerstone in the face of cyberwarfare. This is the focus of a recent publication by the NIST National Cybersecurity Center of Excellence (NCCoE), titled "Methodology for Characterizing the Network Behaviour of Internet-of-Things (IoT) Devices."

The NIST report describes recommended techniques for capturing, documenting, and characterizing the full spectrum of network behaviour of an IoT device in various use cases and under different conditions. This provides a standardized method for specifying the network communication an IoT device needs to perform its intended functions.

The NCCoE has developed an open-source tool, MUD-PD, to automate the characterization of IoT devices and subsequent creation of MUD files. Manufacturers, developers, network operators, cloud providers, and researchers can create files that comply with the MUD specification using these techniques.

Understanding the expected network behaviour of IoT devices is crucial for cybersecurity, as it enables the implementation of appropriate network access controls. This knowledge is particularly important in networks that include IoT devices, where network administrators need to know which devices are on the network and what network communication each device requires to perform its intended functions.

The NCCoE collaborates with various industry partners such as Cisco, IBM, Intel, Microsoft, Palo Alto Networks, and others who implement recommended techniques for characterizing IoT device network behaviour to enhance device and network security.

While the article does not discuss any potential consequences for SMEs if network transparency is not achieved, nor provide specific details about the NIST report or MUD files, nor mention any new recommended practices for securing IoT devices or their networks, it underscores the importance of network transparency in the context of cyberwarfare. It also highlights the role of standardized methods and collaboration between industry partners in enhancing the security of IoT devices and networks.

However, the article does not provide any advice or guidance on how SMEs can improve their network transparency, nor does it provide any case studies or examples of cyberwarfare affecting SMEs. It is up to SMEs to take the necessary steps to secure their networks and protect themselves from potential cyber threats.