Securing the new endpoint: Making the IoT transformation safe for enterprises.

The number of devices that exist within an average organization has grown exponentially over the last few years. The growth of mobility and the Internet of Things (IoT) explosion have led to a rapid rise in the number of endpoints that must be managed and secured. This problem is set to grow, with Gartner predicting more than 20 billion connected things will be in use by 2020, up from 11 billion this year.

While many people perceive IoT devices as simple, they’re not simple at all – they’re actually running operating systems with full networking stacks and an application layer. To make matters worse, most of them are beyond our control. As many as 82% of organizations are unable to identify all the devices connected to their network, according to a Forrester study, and 77% of companies admit that increased usage of IoT devices creates significant security challenges.

A growing risk

As the number of devices that we don’t have control over continues to grow, so do the risks. We’re already seeing a marked increase in botnets where IoT devices are taken over and used in everything from volumetric and brute force attacks to spam and data exfiltration.

Hackers can compromise outdoor traffic cameras, for example, uploading rogue firmware that gives them complete remote control of affected devices. Cameras are known to have issues with dynamic DNS services, device-to-device communications, and buffer overflow vulnerabilities. Vulnerable IoT devices also offer entry points for rapidly spreading malware, like that used in the WannaCry ransomware attacks.

Airborne threats are also on the increase as we boost wireless connectivity and enable more devices to connect to each other. Look at something like BlueBorne, which allows attackers to exploit vulnerabilities in Bluetooth to take over devices.
It exposed 5.3 billion devices to risk, allowing attackers to potentially take over any devices with Bluetooth turned on. One of the scariest things about these vulnerable endpoints is that they can allow attackers to gain access without your knowledge. If you don’t know what all the devices on your network are or manage them to ensure they’re properly patched, then you won’t know when your defenses have been breached.

Circumventing security

While your firewall might do a good job of protecting your perimeter and monitoring network traffic at certain specific points, there’s generally a lack of visibility into what whitelisted devices on your network are up to. Consider that these devices can often communicate with each other directly nowadays, using Bluetooth or Wi-Fi to bypass your security systems.

Stop and think about the potential cost of a data breach, and you’ll quickly realize how important it is to establish genuine visibility of all the devices on your network. As we discussed in our tips for blocking ransomware, segmenting your defenses and acting to prevent lateral movement is vital, as is sandboxing suspicious files and swiftly isolating infected systems.

Developing a new approach

What’s needed is visibility that extends beyond the perimeter into the network core. A successful architecture cannot rely upon agents; it must be clear what all the connected devices are, and we need to know when a device has been compromised.

In implementing a security solution, you’ll want something that can integrate with your environment and sit on top of the existing network infrastructure to provide insights. Take the time to map every device and analyze the potential interactions between them. Visibility isn’t enough on its own, though, because security policies must be enforced. Employ automation wherever you can to avoid overwhelming security teams.

Behavioral analytics are the way forward

Many security tools and strategies are intrusive and disruptive for staff.
That’s why careful analysis is a good option. We’ve looked at the potential of user behavior analytics before and you can apply the same logic to devices. Model the expected and intended behavior of all the devices on your network, automate policy enforcement where you can, and flag anomalies to security staff where you can’t. While the IoT transformation is enabling a lot of exciting developments in many industries, it’s crucial that we don’t neglect security concerns, or it could grow into the kind of blind spot that allows a major incident to develop.
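
The device behavior modeling described above, sketched as an added example that is not part of the original article: per-device profiles are learned from network flow records (no agent on the device), clear-cut violations are enforced automatically, and ambiguous ones go to an analyst. The device names, addresses, the IoT subnet and the verdict names are all constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample data: (device_id, dst_ip, dst_port, proto) seen while learning.
BASELINE_FLOWS = [
    ("cam-01", "10.20.0.5", 554, "tcp"),   # camera -> video recorder
    ("cam-01", "10.20.0.5", 443, "tcp"),
    ("hvac-07", "10.30.0.9", 502, "tcp"),  # HVAC controller -> building management
]
# Constructed flows seen after the learning window.
OBSERVED_FLOWS = [
    ("cam-01", "10.20.0.5", 554, "tcp"),      # matches the profile
    ("cam-01", "10.50.3.14", 23, "tcp"),      # camera talking to another IoT device
    ("hvac-07", "203.0.113.10", 443, "tcp"),  # new destination outside the profile
    ("badge-02", "10.20.0.5", 443, "tcp"),    # device that was never inventoried
]
IOT_SEGMENT = ip_network("10.50.0.0/16")  # assumed subnet holding the IoT devices
RANK = {"allow": 0, "flag": 1, "quarantine": 2}

def build_profiles(flows):
    """Learn each device's expected (destination, port, protocol) set."""
    profiles = defaultdict(set)
    for dev, dst, port, proto in flows:
        profiles[dev].add((dst, port, proto))
    return profiles

def evaluate(profiles, flow):
    """Return 'allow', 'quarantine' (automated enforcement) or 'flag' (analyst review)."""
    dev, dst, port, proto = flow
    if dev not in profiles:
        return "flag"        # unmodelled device: someone has to identify it first
    if (dst, port, proto) in profiles[dev]:
        return "allow"
    if ip_address(dst) in IOT_SEGMENT:
        return "quarantine"  # unmodelled device-to-device traffic: lateral movement risk
    return "flag"            # off-profile but ambiguous, e.g. a changed update server

def triage(profiles, flows):
    """Keep the most severe verdict per device across all observed flows."""
    verdicts = {}
    for flow in flows:
        verdict = evaluate(profiles, flow)
        current = verdicts.setdefault(flow[0], "allow")
        if RANK[verdict] > RANK[current]:
            verdicts[flow[0]] = verdict
    return verdicts

if __name__ == "__main__":
    print(triage(build_profiles(BASELINE_FLOWS), OBSERVED_FLOWS))
```
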