Technological advancements that have resulted in the Internet of Things (IoT) have introduced new security threats that enterprises are ill-equipped to combat or even recognise, according to a new report by Forrester Consulting, commissioned by ForeScout.
The study found that many firms are not adequately prepared to deliver on these security needs, as they apply “dated strategies and policies to a new breed of threats”.
In addition, individual lines of business (LOB) – who often work with operational technology (OT) – and traditional security teams, such as security operations centres (SOC), often don’t agree how IoT-connected devices should be managed.
According to the researchers, the IoT is forcing security leaders to re-assess how they secure their networks. It was found that risk tolerance with IoT security is “shockingly high”, forcing security teams to evolve their strategies.
The report also found that 54 per cent of security leaders have reported that IoT security causes them anxiety. This is caused by three factors: the cost and time needed to manage it, the potential effects of a security breach, and the lack of security skills within teams.
It was also found that there is little consensus between individual lines of business and IT about who is responsible for IoT management and security. When asked who is primarily responsible for securing connected devices on an enterprise network, 44 per cent of IT respondents said the SOC, while LoBs more commonly identified themselves as the primary party responsible.
ForeScout president and chief executive Michael DeCesare said: “Each new device that comes online represents another attack vector for enterprises and it only takes one device to compromise an entire network and disrupt business operations, which can impact the bottom line.
“Securing IoT is not just a cybersecurity issue, it is a business issue, and operating at any risk level is too much. Enterprises need full visibility.”
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.