
Why greater network visibility is needed to reduce the threat posed by IoT in the enterprise

06 Aug 2020

Article by ExtraHop A/NZ Regional Sales Manager Glen Maloney.

Frequently touted as a productivity game-changer, IoT is enjoying an inexorable rise. Estimates of the number of devices likely to be in use by this year range anywhere between 50 billion and 200 billion.

Recent reports have noted the technology’s potential to revolutionise operations and boost competitiveness across five key Australian industries: construction; mining; healthcare; agriculture; and manufacturing. Annual benefits of $AUD194-308 billion, over a period of between eight and 18 years, could accrue as a result of its uptake, the report noted.

As enterprises look to reboot and optimise their operations in the wake of the COVID-19 pandemic, many more compelling use cases are likely to emerge.

That’s the upside. The downside is the new set of cybersecurity risks which arise with more compute power moving from the core to the edge and the cloud. 

Clocking the danger of enterprise IoT 

Historically, enterprise security has centred around protecting the perimeter – the secured boundaries put in place to protect private networks against hackers. It’s a set-up that made sense when computing operations were all centralised, but one which is vastly more challenging in modern hybrid architectures.

In 2020, this is far from a niche issue. The 2020 SANS Network Visibility and Threat Detection Survey canvassed IT decision-makers in large enterprises across the globe and found 49% considered IoT controls and sensors to be part of their high-tech infrastructure. More worrying, just 20% of the cohort viewed them as a risk and security concern.

What about the remainder? It’s a fair bet their concern levels will rise, as they collectively come to the realisation that enterprise IoT devices, whether sanctioned by another team or rogue, often go unmanaged and lie outside their standard ICT management channels.

An undocumented threat

The evolution of computing operations beyond traditional borders means security solutions need to evolve apace. To do otherwise will likely result in a loss of control over organisational data – an obviously undesirable outcome at a time when the threat posed by hackers and cyber-criminals has never been greater.

Unfortunately, only 38% of the aforementioned survey respondents expressed a high or very high level of confidence in their ability to discover all of the devices connecting to their networks, including IoT – a key requirement for visibility. 

That’s a concerning statistic, given the critical role network visibility plays in understanding the threat landscape and detecting signals from unwelcome intruders who are actively targeting the network.

The clear need for visibility 

As IoT installations drive an exponential increase in devices at the edge, enterprises need to take steps to improve network visibility and threat detection capabilities to reduce the risk of a breach and its far-reaching implications.

But while addressing the issue may sound like a straightforward proposition, it’s much harder than you think. The survey also pointed to a lack of time and skilled resources available to tackle these challenges. In this case, automation and machine learning can reduce the burden on an organisation.

Deploying an automation and analytics platform can reduce much of the repetitive workload historically associated with analysing network activity and free security personnel up to concentrate on interpreting data and responding to incidents and alerts.

Securing the entire enterprise network – IoT included

IoT devices are already in your enterprise and are an easy target for gaining entry to the network. It only takes one weak point to be exploited. Now is the time for organisations to gain visibility across the entire hybrid network for all devices, including IoT.

To detect and respond to threats, you will need to understand what your IoT device behaviour should look like in the context of the rest of the network. Without that understanding, you will be flying blind.
