What’s on your network? The growing visibility challenges of connected devices

Written by ga_dahmani

Former Google CEO Eric Schmidt ushered in the future with this prediction in 2015 that went viral: “The Internet is going to disappear. There will be so many IP addresses… so many devices, sensors, things you wear, things you interact with, that you won’t even notice. It will be part of your presence all the time.” He was describing the Internet of Things: physical objects like wearable health monitors and smart vehicles, but also complex building automation and transportation logistics systems that are connected to the Internet and can send and receive data from other connected devices. IoT devices continue to multiply in use, bringing organizations of all sizes greater efficiency, innovation, and productivity. But with these benefits also comes an increase in the cyberattack surface as each new device comes online.

CIOs and chief information security officers must have visibility into all devices on their network to mitigate risks and protect their networks. However, in many cases, the number of known devices connected to the Internet within a cybersecurity framework is only a fraction of the reality of the network, putting organizations at higher risk of a cybersecurity attack. As reliance on IoT grows across industries, the need to address cybersecurity risk, including all connected devices, is imperative.

Understanding “Surprise” Visibility

IoT is now a ubiquitous term in our daily lives, whether at home through smart devices or at work through cameras and laptops. Businesses often leverage thousands of connected devices or digital assets to maximize productivity and efficiency. Their number increases over time, as new assets are added to the network, whether through acquisitions, innovations, or organic company growth. As networks become increasingly complex, gaining end-to-end network visibility becomes essential. While some traditional network monitoring and visibility tools are still useful, businesses can struggle to get enough visibility when it comes to newer, more advanced network technologies.

These devices are connected in dozens of ways and run an endless mix of operating systems and software. Between the explosion of IoT devices and the advent of working from home as the new normal, businesses can greatly underestimate the true breadth of their network. In Forescout’s experience, most organizations have a gap between what they think is connected to the network and their reality. This gap can lead to organizations being unaware of 30-50% of their actual devices.

With the increasing number and type of devices, it has become increasingly difficult to identify them all. You need to understand the volume and diversity of devices, as well as their security posture, behavior, and who is using them. Given the variety of devices, a variety of tools such as traffic monitors and scanners are needed to detect each asset on the network, determine what is running, and ensure it complies with current security policies.

Visibility Challenges Affecting Major Industries

Modern network technologies can create huge efficiencies in a business network. The drawback, of course, is the added complexity. This complexity carries over to the system’s ability to monitor and measure performance from one end of the network to the other. What usually happens is that one tool monitors device-based network components, while another monitors virtual routers, switches, and firewalls. This complicates end-to-end visibility and can create blind spots.

in 2020, an in-depth review of the technology IP stacks used by millions of connected devices around the world. The team identified 97 different types of vulnerabilities in these stacks.

The study showed that government, healthcare, manufacturing and retail environments had the most vulnerable devices. Healthcare and manufacturing environments specifically face a high number of device vulnerabilities per capita. Among the riskiest Internet of Medical Things (IoMT) devices are infusion pumps and medical imaging systems. In manufacturing, equipment and processes that once required physical inspection and operation are now operated by operational technology (OT), often remotely.

On top of that, manufacturers like automakers work with the largest number of different suppliers. This creates specific challenges in gaining supply chain visibility.

So what should companies do?

First, accept that you have many unknown devices on your network and understand that actionable visibility into those devices is the foundation for aligning the reality of your network with your security framework. Tech leaders don’t want to admit they don’t have control over their network, but wherever you are, that’s the starting point.

Now take a full inventory of all known devices and their risk profile. Get to know each device, classify it and assess its compliance with your security policies. Automation is key, given scarce IT and security resources. Getting tools to work consistently from one network or cloud to the next is another challenge. Strong visibility management can orchestrate communication and workflows between security tools so they work more efficiently. Bottom line: All IoT, IoMT, OT and IT devices need to be considered. Technology leaders can use this inventory to determine areas of greatest risk and ensure proper mitigation efforts are in place.

Device discovery, classification, and evaluation is not a one-time activity. It should be done automatically when you connect each device and continuously thereafter as configurations change.
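One way to measure the gap between the inventory and what is actually on the network is sketched below. This is an added example, not code from the article or from any vendor it mentions. It assumes the inventory can be exported as CSV keyed by MAC address and that passive observations (for example DHCP leases) are available as `time mac ip hostname` lines; all sample data is constructed.

```python
import csv
import io

# Constructed sample data (not from the article): the asset inventory the
# security team believes is complete, keyed by MAC address.
INVENTORY_CSV = """mac,owner,type
00:11:22:aa:bb:01,it,laptop
00:11:22:aa:bb:02,it,laptop
00:11:22:aa:bb:03,facilities,camera
00:11:22:aa:bb:04,it,printer
"""

# Constructed passive observations (e.g. exported DHCP leases):
# time, MAC, IP, hostname. MAC notation deliberately varies.
OBSERVED = """\
2024-05-01T08:00:01 00:11:22:AA:BB:01 10.0.0.11 lt-0001
2024-05-01T08:00:07 00:11:22:aa:bb:03 10.0.0.13 cam-lobby
2024-05-01T08:02:10 00-11-22-CC-DD-10 10.0.0.40 infusion-pump-7
2024-05-01T08:03:55 00:11:22:cc:dd:11 10.0.0.41 hvac-ctrl
2024-05-01T08:04:02 00:11:22:aa:bb:01 10.0.0.11 lt-0001
"""

def norm_mac(mac):
    """Normalise MAC notation so the same device is not counted twice."""
    return mac.strip().lower().replace("-", ":")

def reconcile(inventory_csv, observed_text):
    """Compare the inventory with observed devices and report the gap."""
    known = {norm_mac(r["mac"]): r for r in csv.DictReader(io.StringIO(inventory_csv))}
    seen = {}
    for line in observed_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than guessing
        ts, mac, ip, host = parts
        seen[norm_mac(mac)] = {"last_seen": ts, "ip": ip, "hostname": host}
    unknown = {m: d for m, d in seen.items() if m not in known}
    stale = sorted(m for m in known if m not in seen)  # inventoried, never observed
    gap = 100 * len(unknown) / len(seen) if seen else 0.0
    return {"unknown": unknown, "stale": stale, "gap_pct": round(gap, 1)}

if __name__ == "__main__":
    result = reconcile(INVENTORY_CSV, OBSERVED)
    print(f"visibility gap: {result['gap_pct']}% of observed devices are not in inventory")
    for mac, d in sorted(result["unknown"].items()):
        print("unknown", mac, d["ip"], d["hostname"], d["last_seen"])
    print("inventoried but not observed:", result["stale"])
```

Running the reconciliation on a schedule, and again whenever a new lease appears, is what turns a one-time inventory into the continuous check described above.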

A more visible future

Cybersecurity breaches have become routine, but that hasn’t reduced their impact. The threat landscape continues to change and evolve. The number of connected devices will continue to increase as more functions become “smart” or automated. That’s good news, as long as your security programs keep up. Visibility and asset management lay the foundation for network security. You can’t protect what you can’t see.



The opinions expressed above are those of the author.

