IoT security is something that has been talked about for some time and as devices continue to grow, so do the threats that come along with them. One of the biggest challenges for businesses is the fact that they can’t stop the growth of connected devices within the workplace, but they also can’t control the security measures taken or not taken by device manufacturers; not to mention the network the devices are connected to or may function with.
When we take a look at what some of the IT security professionals have to say about connected devices, a Pwnie Express research shows that:
- 90% of IT security pros say that connected devices will be a major security issue this year.
- 66% of IT security pros aren’t sure how many devices are in their environment.
- 20% of IT security pros say their IoT devices were hit with ransomware attacks last year.
- 16% of IT security pros say they experienced man-in-the-middle attacks through IoT devices.
Furthermore, 84% of IT security pros admit that Mirai changed their perception about threats from IoT device; yet over 65% of IT security pros, either haven’t checked or don’t know how to check their connected devices for Mirai. Mirai showed how the right malware with poorly configured or inadequately secured devices could cause havoc within an enterprise.
Since the number of these insecure connected devices are increasing, IT security pros and businesses are finding themselves in a tough spot. Particularly, businesses who have not invested in a security program that takes into account the vulnerabilities of connected devices, as well as the network configurations within the enterprise.
When you look at the top device threat concerns IT security pros have for 2017 you find that they include:
- Misconfigured healthcare, security and IoT devices, since they will provide another way for ransomware and malware to get in and cause harm to the organization.
- Unresolved vulnerabilities and misconfiguration of popular connected devices.
- Mobile phones with their unencrypted wireless networks, which can allow for man-in-the-middle attacks.
Even though adoption of these connected devices won’t slow down, organizations can look to security programs that take into consideration the vulnerabilities they bring with them. A security program that evaluates the connected device’s configuration from a security angle, as well as the network it uses.
Ultimately any device with a writeable software, that works wirelessly, or connects to the internet can disrupt business and the sooner organizations develop a security program that focuses on connected devices and their vulnerabilities, the sooner executives can hope to avoid huge risks by using those devices to do business or provide services to customers.
If your security program hasn’t been designed with IoT devices and their risks in mind, give us a call so that we can help.
All it takes is 15 minutes to see where you stand with IoT security and either put your mind at ease or get started on a security program that will give you true protection against your cyber threats. Get in touch!
Photo courtesy of watcharakun