26
OPINION
“Business and Governments
will be the top users of the
IoT by 2020, with Consumer
applications falling to a
distant third.”
BI Intelligence
The survey says…
To see the impact of IoT on corporate networks, and
how those networks are secured, a survey of 350 security
professionals provides shocking results. The majority of
respondents acknowledge the growing number of IoT
devices on their networks, yet they are unaware of how to
properly secure them.
Several responses raised cause for concern. For example,
one question asked security participants: how confident are
you that you know all the IoT devices that are connected to
your network as soon as they are connected, and that you
can control these IoT devices so cybercriminals can’t use
them as doorways into your network?
Only 15% of the respondents felt confident they could
see all IoT devices connected to their network. In addition,
70% of them lacked confidence in their ability to see
connected devices as soon as they joined their networks, and
almost half said that they weren’t confident at all.
When connected devices are left out of the security
sphere, an organisation’s attack surface becomes much
more vulnerable, as you can’t protect what you can’t see.
The next question asked how important is it to discover
and classify IoT devices on your network; and given the
characteristics of IoT, how important is it to do that without
the use of additional agents?
The vast majority of the respondents, close to 90%,
stated they need to be able to discover and classify IoT
devices the moment they connect to the network and to do
so in an agentless manner.
Perhaps the most shocking finding of the survey came
from the question: Which of the following most accurately
describes your organisation’s current primary approach to
securing IoT devices on your network?
27% either didn’t know that they do not use anything
to secure their IoT devices.
47% use traditional methods to secure IoT devices –
methods that were designed for intelligent computing
devices and have proven not to be sufficient.
Only 19% use specialised agents – which are largely
non-existent for IoT.
The bottom line is that securing IoT requires a new
paradigm, which is not yet in use. This survey demonstrates
not only how pervasive IoT is within the enterprise, but also
how much confusion there is around how to secure it. Every
day, new ‘things’ are being added to corporate networks
with little regard to their level of security risk. Each insecure
device represents a vulnerable point of entry into a
company’s larger network, and companies are starting to
realise this. n
References
24 Cool IoT Facts to Celebrate Internet of Things Day; Apr 8, 2016, by Sue O’Keefe
www.thejournal.ie/webcam-iot-hacking-2860398-Jul2016
www.networkseuropemagazine.com