You will soon receive an email with a link to confirm your access, or follow the link below.
You may now close this message and continue to your article.
Even when organizations have IoT protections in place most of the time, or for most IoT sensors or devices, leaving any gaps open is all it takes to get through. And once inside, threat actors can move laterally, especially if network segmentation is lacking.
Organizations must be proactive and avoid complacency, especially in critical infrastructure sectors.
In the 2022 MSI, 53% of responding organizations had defined IoT security standards that applied to all projects, and 48% of organizations centrally coordinated all of their IoT projects.29 This year, only 39% of respondents say they have defined IoT security standards that apply to all projects, and just 47% have centralized coordination of all IoT projects.
These decreases are likely due to the extremely rapid pace of IoT adoption. When you’re moving fast, it can be difficult for security to keep pace. The decrease may also be evidence of shadow IT projects, where individual lines of business coordinate their own projects without full, centralized control. No matter how you slice it, significant security policy gaps remain that translate to a higher degree of cyber risk.
of respondents do not have systems in place to track all IoT devices in their organizations.
lack centralized oversight of all IoT projects.
still rely on manual audits to keep track of IoT device encryption.
Mike Riemer, Field Chief Information Security Officer, Ivanti
Your edge devices are showing. And threat actors love it. In the era of Everywhere Work, edge devices are everywhere—and have become an attractive target for sophisticated attackers. These devices serve as entry points to an organization’s network, allowing threat actors to move laterally and embed themselves. This can lead to significant data breaches and operational disruptions.
As the number of connected devices grows, securing edge devices becomes a necessity—not an option. Implementing proactive measures can significantly reduce an organization’s attack surface, mitigate risks and maintain a robust security posture even when (and it’s when, not if) threats morph, evolve and get smarter.
Don’t allow edge devices to become the weak link in your network security chain. Take action now to protect your organization’s valuable assets.
To combat the onslaught of threats, organizations must prioritize the following:
Apply security patches to edge devices promptly when they become available.
Run the latest version of the solution’s software on edge devices.
Monitor networks, including edge devices, for suspicious traffic and anomalies.
Grant access only when necessary and verified, following zero trust principles.
Give administrators and users only the permissions required for their roles.
Use a multi-layered security approach, including firewalls, intrusion detection and endpoint protection.