Organisations across the world depend today on a range of internet-connected devices; from laptops and printers through to security cameras and heating sensors – and that dependence is only set to increase, writes Bob Reny, EMEA CTO and Principal Engineer at Forescout. The number of IoT connected devices globally increased by 15 percent between 2018 and 2019 and this rate is set to repeat between 2019 and 2020. As more and more devices connect to corporate networks, having a holistic view of what is connected (as well as where) is a critical consideration for security teams today. However, establishing full device visibility across these proliferating networks is proving a challenge.
There are four main reasons why organisations struggle to achieve the visibility necessary across their networks today. From misguided business focus to the increasing diversification of non-traditional connected devices, the obstacles span the entire portfolio of business operations. With enterprises facing higher cybersecurity risks than ever before, with recent research from Gallagher revealing that 1.4 million businesses were hit by major attacks last year, achieving full device visibility is a must, so with this in mind, it is important to break these facets down.
Consolidating Data through Disparate Consoles
Data is spread far and wide throughout organisations today; from endpoint data covering managed and unmanaged systems to network management tools, and security tools.
While this is rich data, it’s not easily presented to the operations teams, meaning that actionable insights are often difficult to extract. This is further highlighted through the growth of IoT devices in enterprises, which has risen sharply over the last couple of years, to the point where many IT departments have lost track of what devices are and aren’t on their networks.
Sharing contextual information to accompany data threat reports is fundamental in understanding the full risk at hand, and therefore achieving visibility across the network. Without properly consolidating the data, gaps will be created in the virtual field of view which can have catastrophic consequences, whereas stitching together all relevant context and available data with a high level of fidelity creates a more complete picture.
Non-Traditional Devices are Creating Blind Spots
Something new to consider for many businesses is that devices that form part of operation technology (OT) and critical infrastructure networks are becoming increasingly internet-connected. Some of these devices, like those within manufacturing plants, were never intended to be connected to the internet in the first place, leaving IT teams scrambling on how to account for them and accurately protect them against cyber-attacks.
With over 133,000 manufacturers in the UK who contribute £6.7 trillion to the global economy, OT has become a defining feature of industry 4.0. With this evolution, Gartner predicts that more than 20bn devices will be connected by 2020, by which point it expects that more than 25% of all attacks on enterprises will come via IoT devices. If every device is a potential weak point, the advances in automation and Industrial IoT (IIoT) will be held back until companies figure out a way to protect themselves and this could be a major barrier for UK manufacturers.
Cybersecurity is Not Always Seen as a Business Priority
It can be argued that there is a clear discrepancy in companies today between those employees on the front line setting up an organisation’s security infrastructure, and the senior leaders making purchasing decisions. On one hand, the official responsibility – and therefore budget – should sit with the CIOs, CTOs or CISOs, but with the advent of the digital revolution, it appears that line of business (LOB) leaders are now making technology decisions often without understanding or owning the cybersecurity risk.
Being targeted by cyber-attacks on a daily basis has sadly become the norm for many if not most organisations. In fact, there is an attack on UK business every two-and-a-half minutes. This means organisations need to have robust cybersecurity defences in place if they do not want to be caught out by these attacks, coupled with strong communication across teams and hierarchies.
Visibility is Not Inevitable
Finally, many organisations have a fragmented approach when it comes to deploying network and cybersecurity solutions.
Instead of using one unified device visibility and control ‘umbrella’ platform to manage all individual solutions and identify any vulnerabilities that need to be addressed, enterprises often operate within silos – potentially creating security blind spots that bad actors can exploit.
To gain full control and visibility of all devices on a network, enterprises need to leverage the network and cybersecurity tools that allow businesses to consolidate their rich context into a single pane of glass. This is not about deploying a standard level of security management seen in most enterprises; it’s about taking this one step further and aiming for full IT asset management with better-streamlined visibility and automation.
Otherwise, businesses that are embracing the IoT and IIoT revolution will be unable to identify and fix those critical blind spots that bad actors are just waiting to exploit.