- March 30, 2019
- Posted by: admin
- Category: Uncategorized
Biggest Cybersecurity Threats- Everything’s bigger in the Internet of Things. Well, not the devices themselves — those are commonly small enough to hold just a couple of chips and are frequently hidden out of sight and out of mind. But the sheer scale of data and devices in the IoT is a headache for any cybersecurity professional.
Widely cited estimates put current IoT data output at 2.5 quintillion bytes daily, which will grow as the IoT encompasses up to 30 billion devices within the next two years. “With so many devices coming out and the IoT being so new to everybody, it’s difficult for most organizations, especially smaller ones,” says Troy La Huis, digital risk leader at the accounting, consulting and technology firm Crowe.
As the scale grows, so do the risks. Take a look at seven of the most significant cybersecurity threats the IoT poses today, and read on to find out how cybersecurity leaders and advisers can stay ahead of the challenges.
1. Hidden, Exploitable Potential
Many IoT devices are designed for narrow tasks, such as sensing temperature or recording movement. But they run on microcontrollers and operating systems capable of doing much more in the background without impeding their primary purpose. That’s a rich opportunity for an attacker, and a significant risk for owners — and the companies they work for.
La Huis recommends involving information security managers just as closely in a company’s IoT procurement process as they would be in any other technology acquisition. Whether it’s servers and storage racks or camera drones and smart lighting fixtures, “you don’t want the IS team to come in after everything has been determined and purchased.”
2. Forgettable Devices
Many IoT devices are designed to be neither seen nor heard, engineered to run for years at a time on trickle power or even a single coin battery cell. They may be embedded in walls and ceilings, or mounted on factory equipment inaccessible to maintenance workers on normal rounds.
That’s wonderfully convenient for their intended purposes — to be reliable and low-maintenance. But it’s a real problem for IT asset and cybersecurity management strategy. “One of the top failures is that people just forget about them,” La Huis says.
To address this gap, create and enforce the same kind of strict replacement and refresh cycles already common for IT equipment like data center servers and laptops. Because so many IoT devices may be physically hidden for years at a time, this may require more detailed documentation than a typical smartphone replacement plan. Your future IT squad needs to be able to findthe devices before those devices can be refreshed or replaced.
3. Recognizing An IoT Attacker’s Goals
A reflexive approach to IoT security might reasonably take cues from some of the earliest IoT exposures and exploits. Smart cameras and payment card readers have been subverted and skimmed to pass data to unauthorized users. More recently, embedded systems were targeted by ransomware schemes that extracted payment in exchange for avoiding shutdowns of crucial systems like medical devices. But attackers coming after the growing classes of IoT devices may be more interested in writing data than readingit.
Read More Here
Article Credit: Forbes
The post The 7 Biggest Cybersecurity Threats In An IoT World appeared first on erpinnews.