October 22, 2019 By Curtis Simpson 3 min read

Organizations across all industries are looking to the internet of things (IoT) to improve efficiency, better understand customers to deliver truly memorable and competitive experiences, improve decision-making, and increase the value of the business.

As a direct result, the endpoint ratio is changing at an even faster pace than we may realize, with these unmanaged devices growing more quickly than the PC and mobile revolutions combined. Armis estimated that by 2021, up to 90 percent of enterprise devices will be unagentable. Similarly, by 2021, 20 percent of all cyberattacks will be executed through the IoT by 2020. Unfortunately, the risk associated with these new unmanaged and IoT devices is also skyrocketing.

Let’s dive into the details behind this rapidly growing risk by answering three key questions.

1. What Is Enterprise IoT?

Core to the movement dubbed the fourth industrial revolution — or Industry 4.0 — enterprise IoT can be described as physical things embedded with computers to help efficiently solve and optimize business opportunities and challenges. Many enterprises will continue to look to the IoT as they protect and claim market share alongside both traditional and nontraditional competitors.

Examples of devices that apply to most enterprises across all industries include VoIP phones, office and facility video and security cameras, printers, temperature sensors and controls, smart lighting, smart TVs, vending machines, and more. There are also many IoT applications focused on responding to industry-specific problems and opportunities, such as retail beacons, quality control sensors, vehicle and building refrigeration unit temperature sensors, magnetic resonance imaging (MRI) machines, infusion pumps, automated guided vehicles (AGVs), prototype printers, and more.

These are not consumer-grade devices. These devices are being implemented in a multitude of use cases ranging from employee satisfaction and standard operations to the real-time handling of 24/7, business-critical transactions and manufacturing. As such, they are core to business collaboration and operations today.

2. Why Is Security an Issue for These Devices?

Enterprise IoT devices are computers with operating systems and inherent network capabilities, just like the PCs or servers for which we’ve been managing risk for decades.

However, unlike PCs or servers, they have no security. Most of these computers are purpose-built, walled-off black boxes. That means security agents often cannot be installed, patching can range from difficult to impossible, and traditional scanning solutions struggle to understand what these computers are, let alone their associated risks or exposures.

These devices are hiding in plain sight and growing at a compound rate of 29 percent annually, according to Armis. On average, these devices now make up over 40 percent of the technology in enterprise environments and are running toward the 90 percent mark mentioned earlier.

The solutions we’ve long used to discover traditional computers, assess and manage related exposures and risks, and detect and respond to potential attacks were not designed with unagentable devices in mind. Hackers are more than aware that enterprise IoT is not being monitored or protected at a comparable level to traditional devices and software.

In turn, and as seen on numerous prior occasions with new and evolving risk frontiers, bad actors are already focusing their efforts on this weakest link. Look no further than Microsoft’s report on Strontium, released during Black Hat 2019, to appreciate the investments already being made by bad actors targeting enterprise IoT.

3. Is This Really an Issue?

Let’s begin by answering this question with another question: If an environment is running without the ability to discover at least 40 percent of its traditional PC or server assets, assess each asset’s state of risk, and detect, protect against, and respond to cyberattacks occurring on or through the assets, is this an issue?

Most would answer yes without hesitation. We know our PCs and servers are being targeted regularly, and through years of practice and iteration, we are confident in our ability to respond to this challenge. We also know that any delay in execution could allow a cyberattack to occur. We need to look at enterprise IoT from the same perspective and with the same level of criticality if we are to continue to safeguard our operations and brand at a level of efficacy comparable to our current programs.

This should begin with a visibility effort. Understand what you have, what it’s doing, how exposed each unagentable device is, and whether any such devices are actively compromised. Once you know what you have, you can source the solution that works best for your enterprise.

Learn More About Enterprise IoT Security

To learn how organizations are adopting a new way to enable Threat Management for Enterprise IoT devices, register for the Nov. 6 webinar.

