By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData Collective
  • Analytics
    AnalyticsShow More
    predictive analytics in dropshipping
    Predictive Analytics Helps New Dropshipping Businesses Thrive
    12 Min Read
    data-driven approach in healthcare
    The Importance of Data-Driven Approaches to Improving Healthcare in Rural Areas
    6 Min Read
    analytics for tax compliance
    Analytics Changes the Calculus of Business Tax Compliance
    8 Min Read
    big data analytics in gaming
    The Role of Big Data Analytics in Gaming
    10 Min Read
    analyst,women,looking,at,kpi,data,on,computer,screen
    Promising Benefits of Predictive Analytics in Asset Management
    11 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: Why Security Validation Is Vital As Organizations Become More IoT Driven
Share
Notification Show More
Latest News
ai digital marketing tools
Top Five AI-Driven Digital Marketing Tools in 2023
Artificial Intelligence
ai-generated content
Is AI-Generated Content a Net Positive for Businesses?
Artificial Intelligence
predictive analytics in dropshipping
Predictive Analytics Helps New Dropshipping Businesses Thrive
Predictive Analytics
cloud data security in 2023
Top Tools for Your Cloud Data Security Stack in 2023
Cloud Computing
become a data scientist
Boosting Your Chances for Landing a Job as a Data Scientist
Jobs
Aa
SmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > IT > Security > Why Security Validation Is Vital As Organizations Become More IoT Driven
Internet of Things

Why Security Validation Is Vital As Organizations Become More IoT Driven

Here's why security validation is more important than ever as businesses become more IoT driven.

Ryan Kh
Last updated: 2020/07/24 at 8:00 PM
Ryan Kh
7 Min Read
IoT security
Shutterstock Licensed Photo - By NicoElNino | stock photo ID: 1381797128a
SHARE

Organizations are increasing their adoption of devices connected to the Internet-of-Things (IoT). Gartner predicts that by the end of 2020, 5.8 billion enterprise and automotive IoT endpoints will have come online. However, this rise in adoption has become a cybersecurity concern. IoT devices are being actively targeted by hackers and threat groups. Often, these endpoints are poorly secured, enabling hackers to implant malware or hijack them for use as part of larger cyberattack campaigns.

Contents
Adoption Is on the RiseIoT as a Security ConcernValidating SecurityMaking IoT Adoption Work

Recently, security professionals have called attention to Ripple20, a set of vulnerabilities affecting the software found in potentially hundreds of millions of IoT devices. The vulnerabilities include remote code execution flaws that allow attackers to run commands on an affected device. Devices from manufacturers including Intel, HP, and Schneider Electric are suspected to contain these flaws.

As such, it’s crucial for all organizations to carry out comprehensive IT audits to determine the devices, systems, and applications that comprise their infrastructure and to perform security validation to check if their defensive measures can actually protect them from threats. Considering how IoT devices are now part of infrastructure, identifying vulnerable IoT devices and checking their level of protection are now vital to any modern cybersecurity strategy.

Adoption Is on the Rise

Organizations look to leverage IoT to make them more efficient. Industrial facilities are among those putting premium on IoT. Networked sensors and smart devices are not only enabling greater productivity through better automation; these devices are also being used to fuel big data and analytics efforts, the insights from which are leading to more efficiencies.

More Read

data breach issues

A Guide to Using XDR Threat Protection to Stop Data Breaches

Four Strategies For Effective Database Compliance
Fortifying Enterprise Digital Security Against Hackers Weaponizing AI
How IoT Can Be Connected to Business Intelligence
How IEC 62443 and Other Regulatory Requirements Help Enable IoT Security

Companies with more conventional workplaces are also benefiting from the IoT. Connectivity allows work to be done remotely across a variety of applications and devices. Even smaller offices with their simple use of smart thermostats can save on costs. Nest claims to save users around 15 percent in cooling expenses.

The ongoing coronavirus pandemic may have limited activities in these workplaces. However, it can be argued that even home devices can now be considered IoT concerns for some companies. Some companies are allowing remote work through employees’ home computers and networks meaning the smart devices and appliances are becoming part of the same networks that access enterprise systems and applications.

IoT as a Security Concern

Security has now become a key security concern as more IoT devices find their way into an organization’s infrastructure. Arguably, the rush to bring to market low-cost IoT devices to cater to increasing demand contributed to these issues. To bring costs down, manufacturers use less powerful hardware on their devices and leave out security features in the firmware that can prevent hackers from hijacking them.

Human lapses and errors are also to blame. Poor configuration and security practices leave these devices exposed to attacks. The Mirai malware strain, responsible for the largest distributed denial-of-service (DDOS) attacks on record, uses password dictionaries including a list of common default administration passwords to try and take over devices. Many users continue to overlook changing these default values with more secure ones, allowing malware to spread and thrive.

What the recent Ripple20 issue has also underscored is that it only takes one weak link in the whole chain for attackers to be able exploit a massive number of devices, putting many organizations at risk. Falling victim to a cyberattack today can derail any organization due to downtime, data loss, legal issues, and costs of recovery and remediation.

Validating Security

Because of the diversity of devices comprising the IoT, there’s no singular solution that can secure all of the devices used by organizations. Securing IoT and the rest of the network means formulating a comprehensive security strategy that attempts to cover all the possible attack vectors and not just these devices.

This typically means installing endpoint security solutions like antiviruses and antimalware on workstations to stop malware spread, using firewalls to prevent malicious traffic from reaching the network, and enabling spam filters to mitigate phishing attacks. Implementing stringent access management of portals and applications also helps stop any unauthorized access.

But what’s critical is for organizations to actually test their defenses through security validation. It’s entirely possible, even with the adoption of various security solutions, that gaps would still be present in their defensive perimeter. Tools and solutions can fail, or missteps in configuration and deployment can occur. For example, even if endpoints are equipped with capable antimalware, if a hacker is able to remotely access these devices due to weak passwords, then they would still be vulnerable to these attacks.

As such, security validation must be done. Vulnerability scanners can check the state of each and every device and network appliance in use across an organization’s network. Penetration tests and simulated attacks can be also done where organizations launch attacks on their own systems to probe which vectors are most vulnerable. These are usually done by security specialists who use methods similar to those used by hackers to breach networks.

Newer solutions such as breach and attack simulation platforms simplify these tests through easy-to-use interfaces and automation. The results from validation provide actionable insights for organizations to use in improving their security.

Making IoT Adoption Work

So far, the IoT has shown that it can be a double-edged sword for organizations. They have already proven to benefit companies by making them more productive and efficient, but they also have shown that they can be the weak links in their overall security.

Following best practices in implementation such as securing access to these devices, deploying capable security tools, and validating these measures through comprehensive and stringent tests would help minimize these risks. This way, companies can enjoy the benefits of what the IoT can bring, while ensuring that their use doesn’t leave them exposed to cyberattacks.

TAGGED: data security, internet of things, internet security, IoT, iot security, online security, security validation
Ryan Kh July 8, 2020
Share this Article
Facebook Twitter Pinterest LinkedIn
Share
By Ryan Kh
Follow:
Ryan Kh is an experienced blogger, digital content & social marketer. Founder of Catalyst For Business and contributor to search giants like Yahoo Finance, MSN. He is passionate about covering topics like big data, business intelligence, startups & entrepreneurship. Email: ryankh14@icloud.com

Follow us on Facebook

Latest News

ai digital marketing tools
Top Five AI-Driven Digital Marketing Tools in 2023
Artificial Intelligence
ai-generated content
Is AI-Generated Content a Net Positive for Businesses?
Artificial Intelligence
predictive analytics in dropshipping
Predictive Analytics Helps New Dropshipping Businesses Thrive
Predictive Analytics
cloud data security in 2023
Top Tools for Your Cloud Data Security Stack in 2023
Cloud Computing

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

[mc4wp_form id=”1616″]

You Might also Like

data breach issues
Security

A Guide to Using XDR Threat Protection to Stop Data Breaches

6 Min Read
database compliance guide
Data Management

Four Strategies For Effective Database Compliance

8 Min Read
Digital Security From Weaponized AI
Security

Fortifying Enterprise Digital Security Against Hackers Weaponizing AI

11 Min Read
internet of things and business intelligence
Internet of Things

How IoT Can Be Connected to Business Intelligence

6 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

giveaway chatbots
How To Get An Award Winning Giveaway Bot
Big Data Chatbots Exclusive
ai in ecommerce
Artificial Intelligence for eCommerce: A Closer Look
Artificial Intelligence

Quick Link

  • About
  • Contact
  • Privacy
Follow US

© 2008-23 SmartData Collective. All Rights Reserved.

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?