Connected devices are increasingly being targeted by hackers and cybercriminals. Deloitte shares five tips on how companies can better protect their IoT devices.
Secure IoT devices-Internet of Things (IoT) devices have proliferated in recent years with more connected devices hitting the consumer, commercial, and industrial markets. Smart TVs, smart speakers, smart appliances, thermostats, light switches, security systems, health monitors, medical devices–these are just a few of the many types of internet-connected devices that have arisen.
But the greater ubiquity of IoT devices has naturally aroused the interest of cybercriminals, who are actively seeking to compromise them, plant malware, and steal information. In a report released on Thursday, Deloitte shares several ways that organizations can better secure their IoT devices.
With the number of IoT devices set to jump well beyond 41 billion by 2025 according to research from IDC, governments are already getting involved in the effort to secure them. California is set to launch a new Internet of Things Security Law on January 1, 2020, which will require that all IoT devices be outfitted with reasonable security protection. As such, organizations should already be prepping ways to protect their connected devices. Companies that deploy IoT devices in their environments should beef up their security measures, while manufacturers that make connected products should ensure that they’re secure by design.
“The risk of compromise to a connected device is too great to ignore and often too late to reactively respond to,” Sean Peasley, partner for Deloitte & Touche LLP and IoT security leader for Deloitte cyber risk services, said in a press release. “Organizations should adopt a proactive, secure-by-design approach while strategically and intentionally working to monitor and patch outdated legacy equipment, software, and infrastructure.”
Five best practices
To help manufacturers, businesses, and other organizations better secure their IoT devices, Deloitte offers the following five best practices:
- Take note of every network endpoint added. Every endpoint added to your network creates more areas through which cybercriminals can attack. Deloitte advises organizations to bring as much of their endpoint footprint as possible under their security management. Spending on IoT endpoint security is expected to rise to more than $630 million in 2021, according to Gartner analysts. Once more of these connected devices are properly managed, integrating security tools can become a more effective process.
- Align operational technology, IT, and security. In addition to deploying IoT devices, organizations are managing digital transformation projects at the same time. But less than 10% of cyber budgets are allocated to these efforts, according to a “Deloitte Future of Cyber” study. To successfully achieve their goals with their IoT initiatives, companies need to understand the enterprise and cyber risks, create a plan to prioritize and mitigate those risks, and then align the process across all the major stakeholders, including operational technology, IT, and cybersecurity. “IoT spans operational environments as much as it includes wearables, connected cars, and products.” Peasley said. “Organizations should proactively plan for how to identify, track, patch, and remediate around how it all could impact their organizations and ecosystems.”