itb-au logo
Story image

Why securing IoT installations will be ‘do or die’ in post-pandemic Australia

09 Sep 2020

Article by ExtraHop A/NZ regional sales manager Glen Maloney.

Industry watchers are predicting a digital transformation boom in 2021 as Australian enterprises emerge from COVID-induced hibernation and begin their recovery journeys. 

Internet of Things (IoT) technology may be the key to catching up and competing for many organisations. Being aware of the cybersecurity threat vulnerable IoT devices can create, and taking steps to mitigate it, will allow organisations to reap the benefits without opening themselves up to unnecessary risk in the process.

IoT everywhere

In 2020, the use case for IoT technology has been well and truly made. Gartner predicts that the global number of enterprise IoT devices will hit 7.6 billion by 2028.

But it’s become more than a numbers game. Here in Australia, and around the world, organisations aren’t merely dabbling in the IoT sphere; they’re preparing to spend significant sums on these connected devices which will play a mission-critical role in their operations.

Leading the charge are the utilities, physical security, building automation, automotive and healthcare industries, all of which are using metering and monitoring solutions to overcome business challenges and boost operational efficiency.

IoT technology isn’t just proliferating rapidly; a greater variety of smart devices is also emerging. Think badge readers, VoIP phones, conference room cameras, medical devices and even treadmills.

Because of their potential to deliver efficiencies and cost savings, it’s likely many enterprises will accelerate their investment in connected smart devices, as the economy reopens and the collective rebuilding effort begins.

Securing a broader swathe of assets

But what does this trend mean for enterprise information security and the teams charged with protecting high valued assets from incursions and attack?

In short: a lot. Without careful planning and investment in security processes and technologies, enterprise IoT can quickly become a sea of easy entry points into an organisation.

The challenge of securing your vastly expanded attack surface is compounded by the fact that many smart devices are designed and installed with functionality, rather than security, in mind. 

Most devices ship with fixed or clear text passwords, they’re not built for reconfiguration and patching, and it can be all too easy for organisations to end up with a fleet of vulnerable devices - each one of which can potentially provide direct access to the corporate network. 

The recent exposure of the Ripple20 vulnerability is an excellent example of the widespread adoption and risk that is associated with IoT devices.

It can also be unclear who’s responsible for approving IoT devices if IT teams are not involved in setting protocols regarding their acquisition and oversight, organisations are exposing themselves to risk. 

In many instances, IoT enabled devices are purchased and installed by business units, without the knowledge of the security team. 

The net result? An extraordinary new cyber-risk for security teams to grapple with.

See it, secure it

When it comes to securing IoT on the network, lack of accurate visibility and behavioural insight is the biggest challenge faced by organisations.

For many, it’s a struggle to detect anomalous activity because they don’t know what connected devices have been installed, what else they should be allowed to talk to, let alone have a picture of what regular network traffic looks like.

Detecting and mitigating threats before critical systems and data are compromised necessitates real-time visibility into the entire landscape, including what IoT devices are present, their function and how they’re behaving. 

It’s essential to know how these devices should interact in context of the entire network, and understand what services they need to talk to.

A network detection and response (NDR) solution delivers visibility, context and intelligence to ensure security teams stay a step ahead of their adversaries who are intent on infiltrating and disrupting critical systems. NDR provides visibility into every device on the network to enable organisations to stop incidents from breaching the network.

In today’s challenging economic times, that’s something Australian organisations cannot afford to weather.