Connect IoT devices securely

August 30, 2023
| No comments
Connect IoT devices securely

Share post

As the number of IoT devices increases, so does the risk of attack from known and unknown threats. The 2023 IoT Security Benchmark Report shows how organizations are using advanced IoT security to protect connected devices.

The number of connected IoT devices will continue to grow in the coming years, reaching an average of over 2025 devices per company by 9.000. Unfortunately, most existing IoT security solutions do not have any built-in prevention or enforcement measures. They often use legacy, signature-based detection methods that focus on known devices. Poor IoT security has been a factor in several high-profile security incidents over the past few years, including those at SolarWinds and Colonial Pipeline, which ultimately cost billions to fix.

IoT-related attacks are common

The 2023 IoT Security Benchmark Report from Palo Alto Networks in partnership with Starfleet Research shows how organizations are using advanced IoT security to protect connected devices from known and unknown threats. The report was developed by Starfleet Research, a global leader in benchmarking best practices in technology-enabled business initiatives. A team of subject matter experts employed primary and secondary research techniques that involved IT and cybersecurity leaders, IT staff, and other industry professionals with first-hand experience of IoT security in their organizations. 81 percent of security leaders said their organizations had experienced an IoT-related attack in the past year. Below are some other key findings from the study.

The size and scope of IoT across different industries

The number of connected network devices in corporate networks has increased from an average of 700 devices in 2020 to more than 3.000 devices in 2022. Experts agree that this number will continue to grow exponentially across all industries. The use of IoT devices across a range of sectors encompasses different use cases.

  • Healthcare: wearable devices (e.g. fitness trackers, smartwatches), pacemakers, blood pressure monitors, connected hospital equipment (e.g. MRI machines, X-ray machines).
  • Manufacturing: RFID labels, sensors, cameras, controllers.
  • Hospitality: smart locks, thermostats, sensor-based lighting, energy management systems.
  • Retail: Beacons, interactive displays, connected fitting rooms, connected packaging
  • Financial services: ATM sensors, NFC-enabled devices (e.g. smartphones, smartwatches), CCTV cameras, authentication tools.
  • Authorities: traffic monitoring, air quality monitoring, road safety, smart trash cans, smart water meters.

The dark side of rapid IoT growth

The risks posed by connected devices threaten to erode the benefits of increasing productivity, efficiency and revenue. IoT device manufacturers have not always done everything they can to protect them. 86 percent of those responsible for security are of the opinion that manufacturers protect their IoT devices from attacks "poorly" or "very poorly". IoT devices are often designed by manufacturers with convenience in mind, sometimes at the expense of security. In short, IoT devices often ship with vulnerabilities, run unsupported operating systems, are difficult to patch, and lack communication encryption. This leaves IoT devices vulnerable to medium- or high-severity attacks.

Challenges in protecting connected devices

Understanding the challenges organizations face in securing IoT devices will help in choosing solutions. Below are some of the most frequently cited challenges:

  • Complexity of ecosystems of connected devices
  • Impossibility to obtain full transparency
  • Different security levels
  • Inadequate security features
  • Lack of network segmentation
  • Unencrypted Data
  • Limited security standards
  • Compliance Requirements
  • Insufficient time and financial resources

To meet these challenges, organizations need to rethink their security strategy. Connected devices must be integrated into security frameworks to close these risky gaps and mitigate vulnerabilities in a growing attack surface.

Zero trust approach and device security

In a Zero Trust system, an organization must verify and authenticate all devices and users before granting them access to resources. The Zero Trust approach to IoT security protects an organization by eliminating implicit trust and continuously auditing every phase of digital interaction. With Zero Trust, no device or user is automatically trusted, whether they are on or off a network. Zero Trust provides a viable and effective security paradigm that can be deployed to protect the hundreds of thousands of connected devices deployed in enterprise ecosystems.

How industry leaders protect connected devices

Successful IoT security strategies are based on a zero trust approach. The strategy should also integrate a purpose-built IoT security solution into existing security systems, such as B. Platforms for protecting endpoints and systems for detecting and responding to intruders.

Industry-leading companies are implementing an IoT security solution that uses machine learning to detect vulnerabilities and suspicious activity, even those never seen before. Additionally, IoT security runs continuously, with automated zero-trust security, and is deployed on a highly scalable cloud architecture. Other features of the industry-leading IoT security solution include:

  • Ability to discover all - known and unknown - IoT devices on the network
  • Functions for assessing compliance
  • Analysis of device behavior to create baselines and detect anomalous activity
  • Protection against known, unknown, and zero-day threats
  • Least privileged access policy recommendations and enforcement capabilities
  • Easy integration with other security and IT systems

Take advantage of connected devices risk-free

Palo Alto Networks concludes: Companies across multiple industries have increased their productivity, efficiency, and revenue through the use of IoT devices. When leaders take the time to understand IoT security, the challenges, and the solutions deployed by industry leaders, they can reap the benefits of connected devices while minimizing the risks.

More at PaloAltoNetworks.com

 

About Palo Alto Networks

Palo Alto Networks, the global leader in cybersecurity solutions, is shaping the cloud-based future with technologies that transform the way people and businesses work. Our mission is to be the preferred cybersecurity partner and protect our digital way of life. We help you address the world's biggest security challenges with continuous innovation leveraging the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are the leaders in protecting tens of thousands of businesses across clouds, networks and mobile devices. Our vision is a world where every day is safer than the one before.

Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

DSPM product suite for Zero Trust Data Security

Data Security Posture Management – ​​DSPM for short – is crucial for companies to ensure cyber resilience against the multitude ➡ Read more

Data encryption: More security on cloud platforms

Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud ➡ Read more

 

PR News
, , , ,