Gartner observed that over the past three years, almost 20% of organizations have already observed cyberattacks on IoT devices in their network.
IoT analysis predicts that the number of connected IoT devices globally will grow by 9% per year, reaching 27 billion IoT connections by 2025. With this growth in connected devices comes an increased need for security.
ResearchandMarkets provides for the global IoT security market to grow from US$3.86 billion in 2021 to US$5.09 billion in 2022. The company attributes the growth to companies stabilizing production after meeting exponentially increased demand during the COVID-19 pandemic in 2021.
While 64% of respondents to the Kaspersky study, Pushing the Boundaries: How to Meet Specific Cybersecurity Demands and Protect the IoTuse IoT solutions, no less than 43% do not fully protect them.
The National Institute of Standards and Technology (NIST) article, Recommended Criteria for Cybersecurity Labeling of Consumer Internet of Things (IoT) Productsposits that to reduce vulnerabilities in IoT products, it is important to understand the vulnerabilities already exploited in IoT products and to ensure that labeling programs for consumer IoT products consider these incidents in their criteria to help improve the cybersecurity of the IoT ecosystem.
Dr Dorit Dorproduct manager at Check Point Software Technologies, explains that the IoT has many layers, leaving room for misunderstandings and potential risks of exposure to threats internal and external to the company.
“Even the cheapest IoT device can be the starting point for an attack. You need to understand the connectivity of the IoT device to the internal and external world. The fact that it connects the two things without the right IoT controlling them is the biggest proof of that,” she explained.
“People are using IoT to perform massive attacks (Massive DDoS attacks) by taking over IoT in many places and doing denial of service or other destruction to the world. These are less targeted attacks and more generalized attacks.
More common than you think
Dr. Dor warns that attacks that stem from unprotected IoT do not always target specific industries. She recalls understanding that cybercriminals often seek out the least protected targets.
This does not mean that there are attacks specifically directed against certain industries or organizations.
“It’s less of a sectoral problem. Rather, it is a general problem of spreading IoT devices and somehow hampering the security architecture of the organization. By creating all these hidden links, the IoT itself could serve as a starting point for the intended target,” she warned.
Common misconceptions and challenges
Dr. Dor noted that one of the biggest misconceptions in IoT security is the perception among companies that they have no IoT devices in the workplace. And if they did, the other misconception is that these devices are not connected to the internal network (unbeknownst to them).
Another misconception, she added, is that companies think they are protected when they are not.
“People don’t always have the right staff to do the required security sections,” she postulated.
Advanced technologies to the rescue?
When asked if advanced technologies help solve some of the challenges she presented, Dr. Dor is confident that tools are available to help understand the challenges.
She cited the use of artificial intelligence (AI) as helping to map devices that are seen on the IoT device network and map their behavior.
“But to do that, you need a lot of data on similar IoT devices that exist,” she warned.
“So, as an organization, you may not have enough data to secure your IoT devices. However, you probably have enough data about the different uses and uses of this IoT device that could help you to sanction or create severing policies for the IoT device.
Improving the security of IoT devices in the enterprise
Dr. Dor suggests reducing the access atmosphere of the IoT device to the least restricted or a zoning-based approach. The other step is to understand what the IoT does and see that it behaves like a legitimate IoT device.
She recommended organizations buy IoT devices that have some built-in security and stability.
Click on the PodChat player and hear more about Dr. Dor’s insights and recommendations for securing IoT for the enterprise.
- What are the IoT cybersecurity threats facing businesses?
- How common are these threats?
- What are the common misconceptions and challenges encountered today when companies attempt to secure IoT devices?
- Can advanced technologies such as AI, machine learning and deep learning solve these problems?
- What are the roles of AI, machine learning and deep learning in IoT security?
- What are your recommendations for bringing greater security to IT devices in the company?
#PodChats #FutureIoT #Understanding #Fundamentals #Secure #IoT #FutureIoT