<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=522217871302542&amp;ev=PageView&amp;noscript=1">

You, Me, and the IoT… How Secure Are We?

Posted by John Komer on Jan 24, 2019 6:08:37 PM

I first heard about the Internet of Things (IoT) in 1999 during a meeting at the World Trade Center in New York.  In attendance were some ‘heavy hitters’ - Samuel J. Palmisano, IBMs Senior VP of Government Services (and now a White House cybersecurity consultant), Cisco’s CEO, John Chambers and Harvey Gallop, American Express’ CEO.

During the meeting, Chambers claimed the IoT would “fundamentally change the way we live, work and play.” I briefly pondered the significance of his statement then quickly turned my attention back to the immediacy of my more pressing commitments – managing the real-time needs of ensuring my customers’ cybersecurity.

 Fast forward 20 years to an FBI briefing I recently attended where one of their Agents warned a local company about the hacking of the company’s IoT-networked beverage machine. Predictably, the warning was ignored and the Agent, along with many of us who evangelize the vulnerability of IoT devices, left frustrated. Considered by hackers as “treats,” IoT-networked devices provide unprotected points of access to company data. Sadly, this  company failed to heed the Agent’s warning and weeks later called, seeking help - their beverage machine had been penetrated and was sending detailed information poached from their network. Because the call was after the fact, much damage had already occurred.

 Weeks earlier, In a separate incident, I attended a meeting with a world-renowned cyber expert discussing threat actors who use drones with cheap Wi-Fi extenders to access a company’s wireless network. Doing so, they steal the credentials during the day, then later return using the stolen credentials to gain access to company data.

The following was published in separate reports by the Ponemon Institute(*) and Verizon(*)

  • 62 percent of all mid-size business breaches were targeted hacks
  • The average time from a cyber breach until discovery is six months
  • 73 percent of breaches are from outside threat actors
  • 60 percent of small business, under 100 employees, close with six months of a breach
(*)       Verizon DBIR, 2018
(*)    Ponemon State of Cybersecurity in SMB, 2017

Given the vulnerabilities IoT-networked devices present, it’s perplexing to me why this threat is not being closely monitored and addressed. Are you paying attention? If not, you should or risk being that company mentioned above whose data systems were breached using simple access, courtesy of unprotected IoT-netwoked devices. South Africa and Europe are experiencing spikes in cybersecurity breaches resulting from compromised IoT devices. The U.S. should pay heed; the migration is heading west. The Internet is full of stories discussing the need for the U.S. to address these issues, and the low percentages of companies that have actually implemented solutions (Gartner, The Death of IOT Security).

With the growth of the IoT, virtually everyone soon will have networks comprised at some level, by IoT devices. To help and protect, Tech Data has the answer. Offerings like Tech Data’s RECON™ Radar, are proven solutions that monitor wired/wireless devices, IoT devices, the RF environment and Bluetooth. RECON Radar is a 24/7 cloud-managed service that identifies, inventories, and monitors the devices connected and connecting to the infrastructure and round-the-clock people-managed behavior monitoring. RECON Radar is a monthly service that enables companies to acquire the protection at a non-cost prohibitive price. In addition to RECON Radar, Tech Data offers Fluency, a solution named used for “threat hunting,” to identify critical threats.

Recent global legislation has escalated the need for addressing privacy and regulatory compliance in all aspects of data management. Today’s IT logs often are proprietary and signature-based, containing metadata from many sources within the hosting, cloud and network environments. Legacy SIEM tools with their log management function are breaking from the overload of needed storage, scalability and the inability to read all the log data (critical to correlation). Born in the cloud, Tech Data’s Fluency solution offering, has the ability to either solve these challenges independently or augment existing SIEM tools.

Tech Data can solve all of your reasons for not having or not deploying as fast and widespread as needed. Regardless of the circumstance, it’s likely that Tech Data’s Security Solutions team has the right solution for your needs.  Explore Tech Data’s portfolio of security solutions today at www.techdata.com/security or contact us at  securityservices@techdata.com

 About the Author

John Komer has enjoyed a 40-year career in the Technology Industry. Prior to joining Tech Data as a Solutions Practice Consultant, he spent the last 25 dedicated to cybersecurity. John has enjoyed technical roles involving voice and data networks, video, data center, and security technologies, designing, and installing solutions for customers. John has held roles as sales account manager, global account manager and founder of a consulting company for cybersecurity after the 9/11 WTC attacks. John is involved in many security technology groups giving presentations and helping drive vendor involvement in these groups.

 

Tags: Cybersecurity, recon, IoT Security, cybsr breaches, Ponemon Institute, Verizon

Subscribe to Email Updates