FEATURE
The past half a decade has seen the Internet of Things ( IoT ) evolve from a conceptual ‘ next step ’ to a fully realised , tangible component of many IT environments the world over ; so much so that the number of IoT connected devices globally are expected to reach 35 billion this year , according to Forbes , and swiftly rise to a staggering 75 billion by 2025 .
Organisations from a wide range of industries , be they manufacturing , healthcare , or retail , are rightly turning to the IoT to garner new insights and efficiencies from their business operations . Unfortunately , as they integrate these devices into their infrastructures – an exercise which is expected to result in US $ 15 trillion investment from companies worldwide over the next four years – they are increasingly struggling to monitor this at all times . Most businesses have a long way to go when it comes to the visibility of their IoT environments ; in a Gemalto survey , a worryingly high number ( 48 %) of respondents admitted they wouldn ’ t be able to detect an IoT breach on their network due to poor visibility .
When it comes to bringing new IoT devices onto the network , it ’ s vital to ascertain how best to secure and configure each device and what steps must be taken to ensure they remain secure .
Charaka Goonatilake , CTO , Panaseer
rapidly growing attack surface and secure the data being generated .
Naturally , as more and more assets become connected and create new attack vectors for intruders looking to infiltrate their network , IT teams are clambering to ensure all IoT devices are monitored and their specific risks assessed and preempted . But what does this process look like ? And how , exactly , do they go about securing their IoT ?
A lack of visibility
The first step is identifying all of their connected assets and ensuring they have complete visibility of those assets
Panaseer ’ s own research – which asked 200 enterprise security leaders about the ever-changing threat landscape and the regulatory , budgetary and expertise obstacles they routinely find themselves having to overcome – found that visibility , or lack thereof , into technical assets and security controls alike was a leading cause of security shortcomings . Considering all their IT assets , one in five respondents believed that IoT visibility was their biggest concern .
The main reason for this is that the majority of traditional security tools simply don ’ t cater to the new wave of IoT devices in the way that they do for more established technologies , be they laptops or servers . It ’ s tricky then to find much more than an IP address through network discovery tools , and even if one is successfully found for an IoT device , it won ’ t offer insights into what device it is , where it is , what it ’ s connected to and whether or not it is subject to any known vulnerabilities . www . intelligentciso . com
37