What is IOT?
For a transcript of this video, click here.
The Internet of Things, or IOT, refers to electronic devices that rely on sensors and internet connections in order to transmit data. IOT devices range from smart watches, and smart home assistant devices, to security systems, to ATMs, to in-vehicle GPS navigational systems.
Because IOT devices can be used to quickly and easily amass data about consumers, business executives can consider new markets and revenue streams as a result of these technologies.
What types of cyber threats can affect IOT systems?
IOT systems can serve as entry points for hackers to gain access to a computer network. Once a hacker makes it through a single device, he or she can move laterally across a system.
In 2018, more than 20% of companies documented a data breach that occurred due to inadequate IOT security.
Specific security threats include:
- Denial of service attacks
- Man-in-the-Middle (MiTM)
- Identity and data theft
- Social engineering (For example, a hacker could ask for personal information related to fitness, as measured via a smart watch)
- Remote recording
IOT devices must be properly secured in order to prevent problems.
How can organizations protect IOT devices?
It is recommended as a best practice that organizations conduct inventories of their IOT devices. Organizations should know how many IOT devices are connected to the network, and what kinds of devices they are. This knowledge will inform security practices.
Ensure that your organization retains the latest firmware. Updated firmware will ensure proper patching of IOT systems, as needed. Set this on automatic.
Network segmentation can help organizations contain any potential threats. For example, organizations may wish to ensure that security cameras remain on a separate network from the heating and cooling systems.
Develop a multi-layered, collaborative defense system. Convene with stakeholders to discuss how to implement a series of security protocols in relation to IOT systems. The multi-layered, collaborative approach strengthens an organization’s security posture.
Preparing for a worst-case scenario will ready an organization for a real threat. Assemble a strategic plan and include relevant stakeholders in the development process. Then, test it with the team.
Notable quotes about IoT:
“IoT is taking over our worlds both home and at work. Smart lightbulbs, smart meters, IP enabled security gates and door locks. The number of IP enabled devices continues to grow at rapid rates. This solidifies the need for strong IoT visibility, controls and policy while malicious entities look to take advantage of these growing networks”. –Cyber security evangelist, Mark O.
“IoT should be named IoE, as EVERYTHING and anything can connect to the Internet.” -Cyber security evangelist, Edwin D.