Has Adoption of ‘Connected Devices’ Outpaced Security?

            By Scott Register, Vice President, Security Solutions, Keysight Technologies



            We’ve all seen the rush to deploy the new wave of connected devices but the speed at which these
            devices have been embraced may threaten fundamental security protocols. We love the convenience
            that ubiquitous connectivity brings us; our cars can reroute us based on traffic jams, we can adjust our
            lights or AC without leaving the couch, we can get up-to-the-minute blood glucose readings, and we can
            precisely monitor energy flow across a smart grid and optimize manufacturing with smart factory floors.
            Aided by technologies such as Bluetooth Low Energy, WiFi, and 5G, the pace of Internet of Things (IoT)
            deployment continues to accelerate. However, in a recent Forrester report, 69% of surveyed respondents
            estimate that at least half of all devices on their enterprise network or IoT are unmanaged, and 26%
            estimate that unmanaged devices outnumber managed devices on their network by three to one.

            Well, as with any new technology, there are going to be drawbacks. Among the most significant: our
            ability to build and deploy intelligent, connected devices has outpaced our understanding and practices
            of how to secure them.  We’ve seen large botnets take over farms of IoT devices and shut down large
            chunks  of  the  Internet,  a  recent  escalation  in  healthcare  organizations  hit  by  ransomware  attacks
            impacting connected medical devices, and privacy breaches impacting everything from baby monitors to
            smart watches.



            Lessons for ‘Connected Device’ Security—Think Like an Attacker

            IoT devices really are special. For traditional IT devices, like Linux servers and Windows laptops, we
            have established best practices for security. It isn’t perfect, but in reality, if we keep the operating system
            and any endpoint security software up to date, we’ll eliminate the majority of system vulnerabilities. In
            fact,  an  analysis  earlier  in  2022  showed  that  flaws  from  2017  and  2018  were  still  among  the  most
            commonly exploited today; a simple and free OS update would have blocked them. IoT devices, however,




            Cyber Defense eMagazine – January 2023 Edition                                                                                                                                                                                                       77
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.