Jun 01

2017

Is Your Enterprise Facing an IoT Invasion?

By Great Bay Software

Our recent on-demand webinar with John Pescatore, SANS Emerging Security Trends Director and Ty Powers, Great Bay Software Technical Product Manager, outlines an actionable plan to shore up your IoT security. It should be viewed by anyone responsible for enterprise security or network infrastructure – especially in high-risk industries such as finance, healthcare, manufacturing, utilities, and retail. You can find the webinar recording here.

John provides a spot-on overview of IoT application growth, which he describes as the “Immaturity of Things”. Deployments are still in an emerging stage, yet he forecasts rapid market penetration of all things IoT. John lays out a clear picture of the types of devices we’re seeing and where they fit into both personal use and business operations.

Information Technology

Personal Technology

Operational Technology

Personal Computers

Tablets, Smartphones

ICS/SCADA

Servers

Home Energy, Control

Medical Machines

Virtualization

Medical Devices

Manufacturing

Routers

Entertainment

Cloud Service Infrastructure

Switches

Mi-Fi

Environmental Monitoring

Source: SANS Institute


After sharing statistics on cyberattack techniques and growth trends, John reminds us of the 80/20 rule: 20% of input (time, resources, effort) accounts for 80% of output (results, rewards). His advice? Focus your device security measures:

  • Study your organization’s real world attacks and vulnerabilities
  • Concentrate first on the highest payback security controls
  • Emphasize working solutions and automation
  • Given your time and budget - go on from there


The Frustrations with NAC– We Heard You Loud and Clear

Webinar attendees indicated that Network Access Control solutions alone are not enough to deal with device and network risk. These network security specialists are not satisfied with their NAC deployments. In the age of IoT proliferation they are looking for more ways to boost their network protection. In one poll we took at the webinar, we asked the following: in terms of NAC solutions, which of the following statements best describes your organization? Almost 75% reported that they need to improve their current NAC system or don’t even plan to deploy one!

Great Bay Software’s Ty Powers drilled down on how to tackle IoT challenges – especially for those who either find NAC is not enough or are foregoing it altogether. He emphasized the importance of focusing on business problems as a way to uncover security risks and take the best actions. Ty detailed five steps to move forward:

  1. Understand the problem before trying to solve it
  2. Know what’s on your network at all times.
  3. Understand and monitor endpoint behavior
  4. Really know what’s out there on your network
  5. Take action now – choose solutions versus point products

In demonstrating the Great Bay Software Beacon Product Suite solution, Ty backed up his recommendations with this advice from Gartner:

“Before making an IoT security product purchase decision, security and risk management leaders should determine which discovery and visibility business benefits are most compelling before architecting use cases.”


The Bottom Line

IT security managers are facing a huge growth in IoT applications all across the enterprise. Often driven by business operations, and independent of IT, IoT devices are being connected to the network with minimal thought to the risks of a network breach. And of course, you can’t secure the devices you can’t see. For broadly accepted security hygiene advice read the SANS 20 critical security controls report. Watch the full ‘SANS Taming and Securing the IoT Infestation in Your Enterprise’ webinar to learn how to tackle the challenges even if you have a NAC deployment, and especially if you do not.

 

Download Gartner IoT Visibility Report 

IoT Whitepaper CTA

Comments

Related Posts

Oct 10

2017

Be Cybersecurity Aware: Make Sure Your IoT Devices are Under Control

It’s hard to believe that it’s already October and autumn is upon us. Big things happen in October. The U.S. Supreme Court starts its new term. It’s National Book Month and Country Music Month....

Sep 26

2017

Embrace Your IoT Initiatives with Confidence

IoT applications are growing exponentially. Add to this the mounting sophistication and malice of Cybercrime and we’re talking big risks. Recently, we partnered with SC Magazine to present an...

Aug 30

2017

The Department of Homeland Security and IoT

There are fundamental challenges with IoT device architecture that have limited the integration of on-board security mechanisms. For the most part, developers and manufacturers have not felt inclined...

Subscribe to Blog Updates