
Why greater network visibility is needed to reduce the threat posed by IoT in the enterprise

06 Aug 2020

Article by ExtraHop A/NZ Regional Sales Manager Glen Maloney.

Frequently touted as a productivity game-changer, IoT is enjoying an inexorable rise. Estimates of the number of devices likely to be in use by this year range from 50 billion to 200 billion.

Recent reports have noted the technology’s potential to revolutionise operations and boost competitiveness across five key Australian industries: construction; mining; healthcare; agriculture; and manufacturing. Annual benefits of $AUD194-308 billion, over a period of between eight and 18 years, could accrue as a result of its uptake, the report noted.

As enterprises look to reboot and optimise their operations in the wake of the COVID-19 pandemic, many more compelling use cases are likely to emerge.

That’s the upside. The downside is the new set of cybersecurity risks which arise with more compute power moving from the core to the edge and the cloud. 

Clocking the danger of enterprise IoT 

Historically, enterprise security has centred around protecting the perimeter – the secured boundaries put in place to protect private networks against hackers. It’s a set-up that made sense when computing operations were all centralised, but one which is vastly more challenging in modern hybrid architectures.

In 2020, this is far from a niche issue. The 2020 SANS Network Visibility and Threat Detection Survey canvassed IT decision-makers in large enterprises across the globe and found 49% considered IoT controls and sensors to be part of their high-tech infrastructure. More worrying, just 20% of the cohort viewed them as a risk and security concern.

What about the remainder? It’s a fair bet their concern levels will rise as they collectively come to the realisation that enterprise IoT devices, whether sanctioned by another team or rogue, often go unmanaged and lie outside their standard ICT management channels.

An undocumented threat

The evolution of computing operations beyond traditional borders means security solutions need to evolve apace. To do otherwise will likely result in a loss of control over organisational data – an obviously undesirable outcome at a time when the threat posed by hackers and cyber-criminals has never been greater.

Unfortunately, only 38% of the aforementioned survey respondents expressed a high or very high level of confidence in their ability to discover all of the devices connecting to their networks, including IoT – a key requirement for visibility. 

That’s a concerning statistic, given the critical role network visibility plays in understanding the threat landscape and detecting signals from unwelcome intruders who are actively targeting the network.

The clear need for visibility 

As IoT installations drive an exponential increase in devices at the edge, enterprises need to take steps to improve network visibility and threat detection capabilities to reduce the risk of a breach and its far-reaching implications.

But while addressing the issue may sound like a straightforward proposition, it’s much harder than you think. The survey also pointed to a lack of time and skilled resources available to tackle these challenges. In this case, automation and machine learning can reduce the burden on an organisation.

Deploying an automation and analytics platform can reduce much of the repetitive workload historically associated with analysing network activity and free security personnel up to concentrate on interpreting data and responding to incidents and alerts.

Securing the entire enterprise network – IoT included

IoT devices are already in your enterprise and are an easy target for gaining entry to the network. It only takes one weak point to be exploited. Now is the time for organisations to gain visibility across the entire hybrid network for all devices, including IoT.

To detect and respond to threats, you will need to understand what your IoT device behaviour should look like in the context of the rest of the network. Without that understanding, you will be flying blind.
