t cht lk
consequences of deploying a wave of
unsecured devices to your network.
IoT, a cybercriminal’s dream
Any device or sensor with an IP address
connected to a corporate network is an entry
point for hackers and other cybercriminals;
it’s the equivalent of an organisation leaving
its front door wide open for thieves.
Managing endpoints within an organisation
is already a challenge; a 2017 survey showed
63% of IT service providers have seen a 50%
increase in the number of endpoints they’re
managing, compared to the previous year.
IoT will usher in a raft of new network-
connected devices that threaten to
overwhelm the IT department charged
with securing them, a thankless task
considering the lack of basic safeguards in
place on the devices.
98
INTELLIGENTCIO
Of particular concern is that many IoT
devices are not designed to be secured or
updated after deployment. This means
that any vulnerabilities discovered post-
deployment cannot be protected against
in the device itself and corrupted devices
cannot be cleansed. In an environment
with hundreds or thousands of insecure
or corrupted devices, this can raise huge
operational and security challenges.
IT or OT
IT professionals are more used to securing
PCs, laptops and other devices, but they
will now be expected to become experts in
smart lighting, heating and air conditioning
systems, not to mention security cameras and
integrated facilities management systems.
A lack of experience in managing this
Operating Technology (OT), rather than IT,
should be a cause for concern. It is seen
as operational rather than strategic and
deployment and management are often
shifted well away from board awareness
and oversight.
And that’s barely touching the visible
surface. Machine-to-machine (M2M)
technology is already transforming and will
continue to transform businesses.
Many AI applications depend on IoT; for
example, transportation and logistics are
being changed by it. These developments
can and will impact most organisations.
Nevertheless, the majority of organisations
are deploying IoT technology with not
only a lack of strategic direction, but with
minimal regard to the risk profile or the
tactical requirements needed to secure them
against unforeseen consequences. These not
only include security requirements, but also
business continuity challenges.
www.intelligentcio.com