In the internet of things or IoT, the world where billions of devices are connected to the internet and share and collect data, harmless items such as smart teddy bears, implanted heart monitors, connected cars and other networked devices that regularly connect to corporate networks may also be considered threats to IoT security .
This is according to a recent report on practices of securing IoT based on a survey conducted by technology research firm Vanson Bourne among 1,350 IT business decision makers in 14 countries in Asia, Europe, the Middle East and North America. The report was commissioned by Palo Alto Networks, the global cybersecurity leader.
Why are they considered threats? Technology leaders warned that significant action should be taken to prevent these supposedly harmless devices from being used as tools to hack into businesses and inflict significant damage.
The survey respondents noted a rise in the number of IoT devices connecting to their networks over the last year. Among the connected trash cans, light bulbs and hand sanitizer stations, one red flag emerged: 41% of respondents said they need to make a lot of improvements to the way they approach IoT security, while 17% said that a complete overhaul is needed, amounting to more than half of those polled.
Nearly one in four of those surveyed at organizations with at least 1,000 employees reported that they have not segmented IoT devices onto separate networks, which is a fundamental practice in order to create safe, smart networks. Only 21% reported following best practices of using microsegmentation to contain IoT devices in their own tightly controlled security zones.
“Traditional networks are ill-equipped to handle the surge in adoption of IoT devices,” said Tanner Johnson, senior cybersecurity analyst at Omdia. “Device behavior baselines need to be established to allow for new recommended policies to help stop malicious activity. For instance, it would raise a flag if a connected thermostat started transmitting gigabytes of data to an unfamiliar site.”
The survey was released by Palo Alto Networks as part of its ongoing efforts to shed light on security threats posed by the surge in deployment of internet-connected devices. Business Insider Intelligence, a research service that specializes in business intelligence and data-driven research, sees that there will be more than 41 billion IoT-connected devices by 2027, up from 8 billion last year.
“Devices that employees innocently bring onto an organization’s network are often not built with security in mind and can be easy gateways to a company’s most important information and systems,” said May Wang, senior distinguished engineer at Palo Alto Networks. “To address that threat, security teams need to be able to spot new devices, assess their risk, determine their normal behaviors and quickly apply security policies.”
Palo Alto Networks is the global cybersecurity leader that is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. For more information, visit www.paloaltonetworks.com.