Intelligent CISO Issue 65 | Page 29

Editor's question

They must confront how a proliferation of connected smart devices from cameras to HVACs is multiplying the attack surface for vulnerabilities and potential cyberattacks. For example, our Unit 42 threat analysts reported 134 million exploit attempts leveraging a single vulnerability found inside scores of IoT devices. This was evidence that the threat is real and groups are exploiting IoT security gaps like this to conduct large-scale attacks on smart devices worldwide.

The growth in IoT devices connected with enterprise networks has got to be accompanied by an increase in network segmentation to minimise how a hacked IoT device can give threat actors lateral access to sensitive enterprise data or applications. CISOs realise the need for more segmentation, but in some sectors, progress is slow.

AMIT TAILOR, DIRECTOR, SYSTEMS ENGINEERING, PALO ALTO NETWORKS

In response, there must be a massive strategic shift within IoT security that breaks with the piecemeal and confused approaches of the past. Implicit trust between IoT devices and their interaction with sensitive data and systems must stop. Trust should be seen as a massive vulnerability to be designed out of the system entirely.
The path organisations need to follow is towards creating a Zero Trust environment that constantly validates network traffic between your IoT devices, limits access by applying least access and network segmentation policies and continuously monitors all connected devices and blocks any that show signs of unusual behaviour.
There are challenges, of course. But there is a settled methodology to progress that starts from identifying all your IoT assets, assessing their risks and applying risk reduction policies. From this point, you can prevent known threats by automating how you identify and remediate vulnerabilities.
The next level is having in place the systems to detect and respond to unknown threats. This represents the biggest adaptation from how organisations have previously managed their IoT security by how it calls upon a collective threat intelligence engine that delivers real-time malware analysis and protections from zero-day attacks.
Tapping into crowdsourced data from a global community of subscribers provides collective immunity and saves your IT security team valuable time. It achieves this by leveraging information from connected devices, risk scores, vulnerability data and behavioural analytics to investigate never-heard-before threats. This last step will also uncover potential threats missed in earlier stages and lead you into a cyclical process for continual improvement.