There has been a growing concern around the security of connected devices spanning the enterprise environments in 2021.
Tripwire, in partnership with Dimensional Research, evaluated the outlooks of more than 300 security professionals who manage the cyber-security of internet of things (IoT) as well as industrial internet of things (IIoT) devices.
According to the study, almost 99% of the security professionals indicated challenges with the security of their organization’s IoT and IIoT devices. Another 95% of professionals said that they are concerned about the risks associated with such connected devices.
Meeting the concerning IoT and IIoT security requirements
More than 75% of the surveyed respondents reported that connected devices do not fit into their existing security approach easily. And around 88% require additional resources to meet the surging IoT and IIoT security needs. This is a particular concern for professionals in the industrial space.
Lately, the industrial sector is facing new challenges for securing a converged IT-OT business environment. Nearly 53% said they are unable to fully monitor any connected systems entering their controlled ecosystem. In fact, about 61% of companies have limited visibility into modifications in security vendors in their supply chain.
As Tim Erlin, Vice President of product management and strategy at Tripwire explains, “In the past, cybersecurity was focused on IT assets like servers and workstations, but the increased connectivity of systems requires that industrial security professionals expand their understanding of what’s in their environment. You can’t protect what you don’t know.”
Practices of security teams responsible for a connected environment
- Nearly 88% of companies follow some kind of security framework or standard, and most of them are audited against the framework
- However, the industrial professionals across pharmaceutical, manufacturing, energy, chemical, nuclear, oil and gas companies, etc. believe they would benefit from the expanded ICS cyber-security standards
- About 97% of professionals have concerns about supply chain security, and another 87% agree that the current IoT and IIoT security course of action put their supply chain security at high risk
According to the statistics, some organizations are already heading in a specific direction given the rising market crisis. In light of the recent events, nearly 59% of business decision-makers revealed that the budget for managing supply chain security operations has increased in the past year.
Furthermore, as high as 99% of professionals reported that their security teams are in the practice of refusing employee requirements to connect devices. Even 43% said they often do – which indicates work is already being done to continue a smaller, connected footprint while managing inventory across the network.
Erlin concluded by citing – “It’s understandable that managing supply chain risk is top of mind for industrial security teams given the level of attack we have seen this year. Large-scale supply chain risk isn’t new, so if anything, this should encourage companies to invest in resources that help maintain a more secure environment.”