The IoT (Internet of Things) is creeping into every part of our lives. It offers the promise of making us happier, healthier and more sociable people, and of transforming our businesses into smarter, more agile and productive organisations.
However, this digital change comes at a price: hackers are actively looking to steal and disrupt to further their own ends. And exposed endpoints offer the perfect opportunity to do so. This might have a limited impact beyond the purely financial and reputational in many organisations. But it could have life-threatening implications if a critical infrastructure provider is attacked.
The risk of such attacks going mainstream is no longer theoretical – it is very much a reality today. So now, more than ever, we need IT and security teams to break down their traditional siloes and coordinate their efforts. Anything less will leave organisations woefully exposed to cyber risk.
Change is coming
Modern organisations are increasingly mobile, cloud and IoT based. And this is having a transformative effect on operational efficiency, customer acquisition and, ultimately, the bottom line. In fact, recent research revealed that two-thirds of UK SMEs are using technology to drive change in this manner. You can bet that their larger counterparts are even more proactive in doing so.
The IoT is at the heart of this change, allowing organisations to be more agile and efficient – improving service levels and boosting profits in the process. Accenture believes the industrial IoT could be worth $14.2 trillion to the global economy by 2030. And Gartner says 3.1 billion connected things will be used by businesses by the end of this year alone. This is just the “industrial” IoT. Employees up and down the country are also flooding their workplaces with a raft of smart devices designed to make them happier and more productive in the office: smart watches are just the beginning.
Firms under attack
But for all the business benefits this new generation of technologies can generate, they also represent a wonderful opportunity … for the hackers. Each unsecured endpoint is a potential gateway into your organisation that could allow cybercriminals to search for valuable customer data or IP to sell on the darknet. But, more alarmingly, it could also enable the spread of malware designed to interfere with mission-critical systems.
We’ve already seen alleged nation states doing just that in sophisticated attacks on Ukrainian infrastructure – some of which caused power outages for tens of thousands in December. That should be proof, if any were needed, of the potential for attacks launched in the cyber world to have a real-world impact on innocent citizens. More worrying still, we’ve begun to see such attacks go mainstream with ransomware capable of bringing critical systems to a standstill. Some NHS hospitals have been forced to cancel appointments for days as a result.
Some estimates claim cybercriminals made in the region of $1 billion from their efforts last year. With this kind of ROI, it’s unlikely they’ll be stopping anytime soon. In fact, a move to higher value targets in critical infrastructure becomes an even more realistic possibility. Over half of UK firms suffered a cyber-attack last year, costing them as much as £30 billion in the process, and unless IT and security get better at working together, the figure could get even higher.
The problem in many organisations is that traditional siloes still prevent effective information sharing between the two functions. This is exacerbated by the fact that they’re running multiple disparate security and management products – adding unnecessary cost and complexity and making it difficult for IT to respond to incidents expeditiously.
One answer is to create a more dynamic integration between your endpoint security and management efforts and the service desk. Why? Because we now understand that security risks often appear as Incidents at the Service Desk, and the Desk has great visibility into your organisation. It’s often the first point of contact for employees to report incidents like lost devices or PC problems – so with the right tools it’s in the perfect position to spot the early signs of a cyber threat. Ensure communication lines are open so it can escalate red flags to the Security team. This info-sharing can also be a two-way street: for example, IT Security may want to warn about an unpatched endpoint they’ve spotted during an investigation. With some attention to the communication mechanism, moving closer to a real-time, two-way alerting model can serve both the Service Desk and the Security teams well.
Make sure also to arm the Service Desk with the right set of endpoint management tools. These should support both traditional PCs and mobile devices, and should feature things like automated patch management, app whitelisting, device control, data encryption, and mobility management. Multiple layers of protection will help deal with the multitude of threats out there, minimising risk exposure. And, thanks to automation, security policies can be pushed out to every endpoint – no matter how many there are in the enterprise, and regardless of where they are located. Also note that these tools will be leveraged increasingly from Service Requests or through the Service Catalogue as IT works to streamline the process by which services are requested and action is taken.
It has become increasingly difficult to prevent a determined hacker from accessing your network. But with IT Service Desk and Security teams working closely together, and the right unified endpoint platform in place, you stand the best chance of stopping them at the door, or at least finding the bad guys before they have time to do any real damage. Given the stakes these days, we can’t afford anything less.