As the upgrade to the cloud becomes permanent for most IT departments, thanks to the on-going pandemic, tackling the IoT revolution becomes a pressing need
Recent reports suggest that WordPress vulnerabilities have exposed 2 million sites to potential hackers. Researchers around the world are urging WordPress makers to deliver a security patch which can potentially provide hackers full, and remote control of the hosted sites. Both the threats received a CVSS score of 8.8, making the potential vulnerability for Page Builder 2.10.15. Version amongst rest earlier. However, this breach may not be a surprise to most professionals in the IT security field.
Earlier this month, researchers found that hackers were exploiting vulnerabilities in Android phones. The vulnerability helped deliver spyware, while exploiting the defects from most manufacturers including Google, Samsung, Huawei, Xiaomi, and LG. It is estimated that there are over 2.5 billion Android devices in use today. Vulnerabilities like these can have profound implications for many users who are not tech-savvy.
On the other hand, the IT revolution also promises a bright horizon for enterprises. For example, the covid-19 pandemic will likely accelerate the shift towards digital payments. Paper money and coins were already going out-of-fashion in many countries. Additionally, these hard-currencies incur more costs for banks and the finance sector. Also, these are also easier to steal and require more transaction time. So, in the post-Covid-19 world, the growth of digital sales channels will be a major opportunity for enterprises. Similar trends are on the rise in healthcare sectors.
According to a Gartner survey in 511 US enterprises, IoT adoption has become mainstream in the healthcare sector. Among the IT managers surveyed, 86% noted that they have IoT architecture in place for most lines of businesses. Additionally, most of these organizations with revenue crossing over $100 million also have IoT based production processes in place. This is why the IoT revolution will be key in the future, and cybersecurity will need to be stepped up to match the promise of the IoT revolution. The following are 4 steps to ensure maximum security for IoT processes.
Visibility: A Core Fundamental
Dan Cornell, the CTO of Denim Group has been quoted as saying, he believes visibility in IoT infrastructure will emerge as a core need for modeling threats and understanding the environment in his interview with the CSO magazine. According to Cornell, in order to minimize risks, IoT planners need to understand their IT assets and anticipate risks associated with a planned and systematic manner. Infusing visibility requires modeling worst-case scenarios, and putting in place concrete roadmaps for blocking specific features, deploying operations control, and implementing technology differently.
Device Security: A Procurement Issue
While many IT departments have a safe architecture in place, they often don’t have control of manufacturing for security features. For example, how often do enterprises procure devices ensuring the vendor has met all the essential security features? This procurement process brings many risks and potential vulnerabilities inside business operations. Ideally, the procurement process should follow similar checks and assessments like the network infrastructure. In a planned procurement, buyer enterprises will likely exert more pressure on the vendor than before.
Communication: A Bridge between IT and IoT
Recently, some IT departments have witnessed a growing shift towards ICS environments. However, this shift has not come without a few barriers. A key one has been the lack of communication between OT, and IT groups. Concerns continue to arise as without fully understanding the potential impact of new controls in the environment, IT departments are prone to introduce new features.
Expert voices in cybersecurity continue to warn against this divide. Without on-going collaboration, these two groups may never serve a common purpose in an increasingly hostile and opportunity-laden online environment. Hence, this is high-time for enterprises to invest in modern IoT security infrastructure with advanced procurement, planning, and increased collaboration.