IoTruth: IoT doesn’t create risks for your organization

Twitter: @PedroAbreu_0629

Today’s IoTruth: IoT doesn’t create risks for your organization
IoT (Internet of Things) devices are flooding the market, they’re showing up in every single organization and they’re being used to streamline whole new processes, creating new efficiencies. In fact, they’re creating a whole new set of business models that weren’t possible before.

But the reality is these devices are not secure. They’re showing up everywhere in every organization and they’re not being secured from the manufacturers. As a result, they’re creating open windows into your network. You might ask: why would somebody care if my connected fridge is hacked? Well, let’s talk about it.

One of the big problems that IoT brings to the market today is the problem of scale. When you think of each individual item, maybe it creates a little bit of risk. When you bring them in aggregate, the risk is tremendous. Let’s talk about what happened with the botnet that we all heard about just a few months ago. It took advantage of up to 100,000 IoT devices throughout the world. And instead of trying to steal information from the device itself, they used the devices to attack a website. So think of it as 100,000 of these devices constantly, in a matter of minutes, attacking one website and taking it down by pure volume. That’s the problem of scale. To give you a sense, most of the internet on the east coast of the United States was down for a full day by this botnet attack. A lot of companies were very publicly impacted by this.

You might be thinking, “What about me? Did it impact my organization?” Well, I would challenge you to think about this: how many of these IoT devices do you have in your network? The number is likely in the thousands. Imagine if these devices started connecting directly into your SAP system or your point-of-sale system. They could bring them down. And as such, they’re in fact inside of your firewall so you cannot protect against that. That’s the risk that these devices bring into your organization and they bring it in a matter of scale.

What’s the IoTruth? These devices, while very cool, bring a risk to your organization. You need to be able to see and have visibility to what they are doing in your organization. And you need to be able to have access to control them in order to secure them, in order to use them properly.

Look forward to seeing you in the next session.

KRACK Attack: The Impact and How to Mitigate Risk

October 20, 2017

Twitter: @GoGeisler Researchers have recently identified a serious flaw in the WPA2 protocol called KRACK attack. Most WPA2-enabled Wi-Fi clients and a large number of wireless access points are impacted by this vulnerability. The vulnerability allows an attacker to force the use of known keys that are then used to encrypt communication to and from […]

0 comments

K-12 Device Visibility & Control Isn’t Exactly Kids’ Stuff (But It’s Easier Than You Think)

October 18, 2017

Twitter: @smtaylor12 Today’s K-12 environments all have something in common: lots of connected devices. In fact, a December 2015 CNBC article noted that 4.4 million of the 8.9 million devices sold to schools and school districts that year were Chromebooks. If you were to do the math and factor those purchases into a typical school year, […]

0 comments

Women in Tech Leadership Series: Ellen Sundra

October 11, 2017

Twitter: @sashaalexandra Sasha: Welcome back to our Women in Tech Leadership Series. I spent some time with Ellen Sundra, our VP of Systems Engineering for the Public Sector team, discussing her approach to mentorship, balance and hiring for culture. Ellen, you’ve been getting more involved in mentorship programs. What’s been driving that? Ellen: It […]

0 comments

Sign up for ForeScout News.

Sign up for a visit.

Thank you for your interest in ForeScout.