Smart devices can be entry points for cybercriminals
into corporate networks.
SMART CCTVs and light bulbs, personal medical wearables like heart rate monitors, connected gym equipment, coffee machines, and game consoles may be cyber risks because of the small IoT sensor that can gain entry into a corporate network and launch a ransomware attack.
This is according to a survey by Palo Alto Networks, commissioning technology research firm Vanson Bourne, which polled 1,900 IT decision-makers at organizations in 19 countries. The IoT survey from Palo Alto Networks highlights the need for shared responsibility among remote workers and IT teams to secure the enterprise. The report essentially said that non-business connected devices–the strangest of which is an automated pet feeder–which are creating more risk for enterprises in Asia-Pacific.
Survey responses warn of needed security changes to protect corporate networks from non-business IoT devices. Nearly 100 percent of the same group above indicated their organization’s approach to IoT security needs improvement, and three out of ten (30 percent ) said it needs a complete overhaul with the greatest security capability needs around threat protection (57 percent ), risk assessment (57 percent ), IoT device context for security teams (60 percent ), and device visibility and inventory (56 percent ).
“IoT adoption has become a critical business enabler. It presents new security challenges that can only be met if employees and employers share responsibility for protecting networks. Remote workers need to be aware of personal home devices that may connect to corporate networks via their home router. Enterprises need to better monitor threats and access to networks while practicing proper network segmentation to safeguard remote employees and the organization’s most valuable assets,” Vicky Ray, principal researcher, Unit 42 at Palo Alto Networks says.
Worth noting, of all the Asia Pacific (including Japan) IT decision-makers polled by Palo Alto Networks that have IoT devices connected to their network, over half (53 percent ) indicated that IoT devices are segmented on a separate network from the one they use for primary business devices and business applications (e.g. HR system, email server, finance system, etc.), and another 28 percent of respondents said that IoT devices are micro-segmented within security zones — an industry best practice where organizations create tightly controlled security zones on their networks to isolate IoT devices and keep them separate from IT devices to avoid hackers from moving laterally on a network.
