In a new report commissioned by Palo Alto Networks, the global cybersecurity company, heart monitors, kettles and exercise bikes and other connected devices are found to be regularly connecting to corporate networks in Hong Kong. This has prompted technology leaders to warn that significant action needs to be taken to prevent these devices from being used to hack into businesses.
The new report looks at practices for securing the internet of things (IoT) and is based on a survey of 1,350 IT business decision-makers at organizations with at least 1,000 employees in 14 countries in Asia, Europe, the Middle East and North America.
Overwhelmingly, 91% of Hong Kong respondents report a rise in the number of IoT devices connecting to their networks over the last year. One red flag emerged: 31% of respondents said they need to make a lot of improvements to the way they approach IoT security, and 37% said that a complete overhaul is needed, amounting to more than two-thirds of those polled.
“Devices that employees innocently bring onto an organization’s network are often not built with security in mind, and can be easy gateways to a company’s most important information and systems,” said Wickie Fung, managing director, Hong Kong and Macau at Palo Alto Networks. “To address that threat, security teams need to be able to spot new devices, assess their risk, determine their normal behaviors and quickly apply security policies.”
Palo Alto Networks released the survey as part of its ongoing efforts to shed light on security threats posed by the surge in deployment of internet-connected devices. Business Insider Intelligence forecasts there will be more than 41 billion IoT devices by 2027, up from 8 billion last year.
One in five (20%) of those surveyed reported that they have not segmented IoT devices onto separate networks – a fundamental practice for building safe, smart networks. Only 21% reported following best practices of using microsegmentation to contain IoT devices in their own tightly controlled security zones.
“Traditional networks are ill-equipped to handle the surge in adoption of IoT devices,” said Tanner Johnson, senior cybersecurity analyst at Omdia. “Device behavior baselines need to be established to allow for new recommended policies to help stop malicious activity. For instance, it would raise a flag if a connected thermostat started transmitting gigabytes of data to an unfamiliar site.”