Each year, the Internet of Things (IoT) makes strides towards transforming industries. IoT, or as it’s sometimes known as the Internet of Everything (IoE), are physical devices that placed on the Internet by installing wireless sensors on them. You see a lot of IoT in the consumer world, most commonly in home devices such as alarm systems, thermostats and electrical sockets to control lights remotely. Most of these devices are accessed by apps on your mobile device.
Within the last couple of years, IoT has slowly started to enter other markets. Sectors like healthcare and manufacturing are quickly learning about their potential value, particularly when combining IoT with business process management (BPM) programs. At face value, the benefits of this integration seem limitless. Real-time data analytics, immediate social and mobile capabilities to otherwise static and often hard to reach devices, and the ability to pair business-facing operations like inventory control and automated supply-chain capabilities with real-time consumer demand, creates a list of desired capabilities that is almost too appealing for any C level executive to resist.
According to Earl Perkins, research vice president at Gartner,
The power of an Internet of Things device to change the state of environments and of itself will cause chief information security officers (CISOs) to redefine the scope of their security efforts beyond present responsibilities. IoT security needs will be driven by specific business use cases that are resistant to categorization, compelling CISOs to prioritize initial implementations of IoT scenarios by tactical risk. The requirements for securing the IoT will be complex, forcing CISOs to use a blend of approaches from mobile and cloud architectures, combined with industrial control, automation and physical security.” - Gartner
The Gartner article continues to state a prediction that by 2020 the installed base of "things" that make up IoT, excluding PCs, tablets and smartphones, will grow to 26 billion. That’s a huge leap from the estimated 0.9 billion units in 2009.
Despite the prospective issues associated with IoT from a security standpoint, there are two major steps that your organization can take to mitigate the cyber threat of the technology.
1. Map and know your environment
One of the dangers with IoT is the idea that they will proliferate on networks to a great degree, which will make it difficult for organizations to keep track of them, even as they take on increasing responsibilities. Once you lose track of how many you have, then you have an issue. This is a similar problem with IT and OT integration, especially within the utilities industry, because organizations lose track of how many IT-OT enabled devices they have and spend a lot of time just mapping their environment and trying to catch up. Industrial Defender not only offers the capability for your organization to better map these technologies, but also provides a snapshot from a centralized dashboard and portal. You can't fix what you don't know about, so this mapping is a vital first step, as well as an ongoing one, before anything else can be accomplished.
2. Assess and Plug vulnerabilities
Once your environment is mapped, assessing which set of IoT devices are specifically dangerous and building an approach to plugging their vulnerability can go a long way in defending from potential future attacks.
IoT is here to stay, and its implication to business and CISCOs that are both good and bad are still being determined. What is known, however, is that by mapping, assessing and addressing known vulnerabilities, you can go a long way to protecting your network.