Why it’s critical to ensure your IoT doesn’t become a tangled web of vulnerability

18 May 2020

Article by ExtraHop A/NZ regional sales manager Glen Maloney.

Has your business found a use case for the Internet of Things (IoT) yet? If not, there’s a fair chance it’s already found you. Enterprise IoT devices can help Australian organisations increase efficiency and become more competitive on the global stage. However, you can’t ignore the potential security risks that come with sanctioned devices, or the rogue devices that are most likely already on your network.

Published in 2018, the Australian Computer Society report “Australia’s IoT Opportunity: Driving Future Growth” suggests there is a window of opportunity for local enterprises to leapfrog the productivity gap through ‘intelligent use’ of IoT.

Businesses in the construction, mining, healthcare, agriculture and manufacturing sectors have been identified as having the most to gain.

Organisations elsewhere in the world are already getting a head start on the enterprise IoT bandwagon. Gartner forecasts this year will see the enterprise and automotive IoT market grow to 5.8 billion endpoints, a 21% increase on the 2019 figure. The market globally is expected to be worth $US58 billion by 2023.

Multiplying the risk

But while this proliferating new technology may do wonders for productivity and profitability, it does come with a catch. Securing a network of enterprise IoT devices is no easy feat, because not all IoT devices have been designed with security in mind. It’s not unusual for them to be implemented without encryption and with hardcoded or cleartext passwords, making them easy to exploit.

While some enterprise IoT devices, like printers or VoIP phones, are sanctioned, many are not, and it is quite common for organisations to lack visibility into the number and nature of IoT devices connecting to the network.

The lack of visibility becomes a critical concern when enterprise IoT devices are used in mission-critical enterprise-wide services, as is increasingly the case for many organisations, here in Australia and globally.

A lack of collaboration between IoT deployment and security teams can also result in significant vulnerability. It’s critical the two parties work together, so the latter knows where and how devices have been deployed, and can monitor them as a part of the overall security strategy.

Your enterprise IoT security checklist

Network-based threat detection and response solutions provide much-needed visibility into the behaviour of devices on the network, including enterprise IoT, and can help organisations reduce the risk of infiltration or compromise.

So what criteria should you apply when evaluating IoT security in the enterprise? Continuous visibility should be high on the list.

You need a solution that delivers an up-to-date view of your entire footprint, including IoT and cloud, and can detect unusual or aberrant network behaviour wherever and whenever it takes place.

In addition, a solution that uses advanced machine learning for behavioural detections is a useful weapon in the battle against ‘known unknowns’ – suspicious network behaviours which don’t resemble known attack types – as well as known malicious domains and IPs.

So too is the facility to respond intelligently to alerts, winnow genuine threats out from the ‘noise’ generated by hundreds of false alarms and investigate where and how the attack surface has been infiltrated – at speed.

Increasingly, this will be the ‘edge’ which enables security teams to keep pace with cyber-attackers circling their increasingly complex IoT environments in search of a chink.

Protecting the enterprise in an ultra-connected world

Widespread embrace of enterprise IoT technology has the potential to improve the productivity and profits of Australian enterprises and boost their ability to compete internationally.

Making cybersecurity a priority as IoT devices are deployed will enable you to realise the benefits while reducing the risk of cyber-compromise and attack in this ultra-connected new environment.