Deploying Connected Devices with Confidence
We’ve all seen the rush to deploy the new wave of connected devices. We love the convenience that ubiquitous connectivity brings us; our cars can reroute us based on traffic jams, we can adjust our lights or AC without leaving the couch, we can get up-to-the-minute blood glucose readings, and we can precisely monitor energy flow across a smart grid and optimize manufacturing with smart factory floors. Aided by technologies such as Bluetooth Low Energy, WiFi, and 5G, the pace of Internet of Things (IoT) deployment continues to accelerate. In fact, in a recent Forrester report, 69% of surveyed respondents estimate that at least half of all devices on their enterprise network or IoT are unmanaged, and 26% estimate that unmanaged devices outnumber managed devices on their network by three to one. And this is all good… right?
Well, as with any new technology, there are going to be drawbacks. Among the most significant: our ability to build and deploy intelligent, connected devices has outpaced our understanding and practices of how to secure them. We’ve seen large botnets take over farms of IoT devices and shut down large chunks of the Internet, a recent escalation in healthcare organizations hit by ransomware attacks impacting connected medical devices, and privacy breaches impacting everything from baby monitors to smart watches.
And IoT devices really are special. For traditional IT devices, like Linux servers and Windows laptops, we have established best practices for security. They aren’t perfect, but in reality, if we keep the operating system and any endpoint security software up to date, we’ll eliminate the majority of system vulnerabilities. In fact, an analysis earlier in 2022 showed that flaws from 2017 and 2018 were still among the most commonly exploited today; a simple and free OS update would have blocked them. IoT devices, however, are more often black boxes – we don’t know which version of what operating system they’re running, or which versions of what libraries, and even if we have that information we can’t force an update; we typically have to wait for a patch from the manufacturer. There are no standards or real consistency for tracking security flaws across connected devices; the only way we can understand where the problems are is to test them ourselves. Then, armed with a better understanding of how IoT devices are impacting our attack surface, we can deploy targeted mitigation strategies to address the vulnerabilities we’ve discovered.
This is, of course, good information to have and a good strategy to pursue. But how do we know that our defensive tools, the stack of network, cloud, email, and endpoint security tools that we array to keep both our traditional and nontraditional IT devices safe, are working? How do we know if an emerging threat is able to slip through our firewall, or run undetected on an endpoint, or make it through our email gateway to target an unsuspecting phishing victim? The same principle applies; we really need to test our defensive stacks, on a continuous basis, to make sure they’re optimized and tuned to catch the latest attacks that threat actors are deploying against us. This lets us, finally, go on the offensive and think like an attacker – we can test and probe our networks and devices ourselves, discovering vulnerabilities and attack paths rather than waiting for a bad guy to do it. We can get ahead of hackers by discovering and closing gaps in detection and visibility before they can be used against us, and Keysight is proud to offer tools such as our IoT Security Assessment, Threat Simulator, and our Vision Series Network Packet Brokers to help you stay one step ahead.
If you’d like to learn more, you can view my recent discussion on countering the increasing threats from connected devices at the GoSec22 conference in Montreal, available for registration-free viewing.