Are you one of those businesses who does not know what devices are attached to your network? If so, you are not alone, but you should understand that this can lead to a significant increase in risk and unknown gaps in your organisation’s security.
Based on research conducted by Security firm Forescout, 49% of the 500 UK companies that were polled, said that they did not fully understand their IT assets and believed they had unknown devices connected to the network.
Although this is a small sample, this could mean that up to 2.8 million businesses in the UK are exposed to unknown cyber threats, related to unmanaged or even malicious devices.
The Internet of Things (IoT) has caused a huge explosion in the amount of internet connected devices, across both business and home networks, and this shows no sign of slowing down.
With more and more IoT devices connecting to corporate networks, Gartner predicts that as many as 20 billion devices will be internet connected worldwide by 2020. The biggest risk in this area comes from a lack of visibility and control over network assets.
Ironshare have witnessed this position many times when questioning our existing and prospective clients about their security. Having an understood and documented network always seems like a very low priority for most organisations.
During our assessments we have identified numerous instances of IoT and network devices present on customers networks that they were unaware of. These have ranged from rogue wireless network devices, to IoT security cameras directly accessible from the internet with no authentication, which could not only compromise the internal network but also the sites physical security.
With ‘Inventory and Control of Hardware Assets’, sitting right at the top of the CIS list of 20 Critical Security Controls, at minimum a manual inventory should be a key item created and maintained under any organisations security strategy.
“After all, if you don’t know about it, you can’t manage and control it.”
The lack of visibility can lead to devices that are vulnerable to unpatched flaws, leaving them open to malicious exploitation. While typical IT focus will monitor critical assets such as servers, security and network devices, and possibly desktops and laptops, IoT devices are often forgot, ignored, or unknown, making them prime targets for bad actors.
With a single unknown device compromised it is possible for these actors to use the device to laterally move around the network, infecting or hijacking further machines, often without the company knowing about it.
Organisations should apply a level of focus to understanding their technology estate and defend against common cyber threats. Below are a few guidelines you can follow to improve this area:
- Create and maintain an inventory of ALL hardware and devices you connect to your network, not just critical assets.
- Establish a process for ensuring that new devices are added to the inventory.
- If possible and if budgets allow, use automated tools to scan and discover new devices as they are connected to the network.
- Isolate IoT devices into their own network segment, so that a compromised device does not impact your critical assets.
- Ensure that all devices are included in regular patch management and kept up to date with latest firmware and security patches.
Ironshare – Security Simplified