IoT and Biomedical devices connect to networks at breakneck speeds, and more and more of them are running in the modern shadow network. A shadow network concept is not new; it is essentially a blanket term to include unknown endpoints on a network. Shadow IT is something that has been a problem since the beginning of corporate networking. However, a tried and true fact of information security is that one cannot secure what is unknown. For effective IoT Security , inventory and control of all hardware assets is critical – as recommended by the Department of Health and Human services (HHS) and echoed as the number one most crucial control on the CIS top 20 critical controls list.
Even though inventory management has been at the top of the list since 2008, companies struggle with maintaining control. In fact, it is rare to perform asset discovery and not find multiple devices connected that were previously unknown to the network administrators. If asset inventory is so crucial to an organization’s security, how has almost no one gotten it right? Simply put, asset inventory is complicated, and computers, connected devices, and IoT have become less expensive and easier to connect.
To understand the speed of IoT growth, the following statistics provide a clearer understanding of the global IoT market’s past and current state. The list, which includes everything from consumer televisions to complex industrial control systems, was sourced from this Leftronic article:
For perspective, the world’s current estimated population is 7.8 billion people, meaning the device per person threshold was passed sometime in early 2019. By the end of 2021, there will be roughly 4.5 devices per person. These staggering numbers show why it is difficult to inventory, update, and secure so many devices.
At the core of the Securolytics platform is our massive database of IoT, BioMed, ICS, and other connected device profiles that has been carefully tuned to correctly identify unmanaged devices. Leveraging this platform for proof of concepts to baseline IoT devices and threats on your network is made quick and easy with the Securolytics IoT-mini:
1) Connect the Securolytics IoT-mini anywhere on the network. It takes approximately 2 minutes!
2) Get an automated report that provides detailed identification of IoT devices and detects IoT-specific threats that traditional vulnerability scanners commonly miss, including those on the OWASP IoT Top 10.
You can test the results at home, with a virtual network, or directly on your work network with zero impact on performance, availability, or bandwidth in any measurable way.
To start profiling IoT devices on your network, request your own Securolytics IoT-mini.
Do You Know Your IoT Risks?
Find Out in Minutes…FREE
Share This Blog