the internet of opportunities risks things · 2019-08-22 · the internet of opportunities risks...
TRANSCRIPT
P res e nte d by
AN IoT IN THEENTERPRISE
VISUAL REPORT
THE INTERNET OFOPPORTUNITIES
RISKSTHINGS
1206:15
Organizations that believe their competitive advantage is dependent on the Internet of Things (IoT)72%
Source: Verizon
The Early Word
MANUFACTURING
66% 61%
Monitors risks, secures company assets and increases staff safety
Improves the reliability or performance of products and services
HEALTHCARE
54% 82%Enhances products and services with information
Streamlines and automates back-office processes
Here’s what those deploying IoT have to say about their experience so far
Source: Verizon
RETAIL
84% 89%Improves experience through informationexchange with customers
Offers greater insight into customer preferences and behaviors
TRANSPORTATION AND DISTRIBUTION
83% 83%Provides greater visibility into operational performance and risks
Drives the creation of new business models
FINANCIAL SERVICES
77% 77%Provides a critical competitive advantage
Provides opportunities to collaborate with new partners
Source: Verizon
A quick look at what’s happening now — and what’s ahead
85% Organizations exploring or implementing an IoT strategy
25% Testing or implementing IoT-related projects
66% Devices now number inthe thousands
32% Greater than 5,000 devices across organization
Source: AT&T
The Next Big Thing?
W H E R E E N T E R P R I S E S A R E I N V E S T I N GA S T H E Y P R E P A R E F O R I o T
Security
46%
42%
Infrastructure
39%
46%
Bandwidth
39%
39%
Third-party solutions providers
30%
30%
Hosted solutions
34%
25%
Applications
31%
41%
IoT device staff
10%
19%
Analytical capabilities
25%
37%
IoT device managers
12%
49%
Today
Next 12 months
Source: Spiceworks
Gartner estimates 4.9B objects are nowonline as part of the Internet of Things
Gartner predicts the Internet of Things will be made up of
units by 2020
The Internet of Thingswill generate
in net profit for enterprisesover the next decade
Source: Cisco
25B
$14.4T
Cause for Concern
1 in 3IT pros who feel their organizationis unprepared for a complex cyberattack
A lack of faith in security protocols doesn’t bode well
73%
Think their company will be hacked through an IoT device
72%
Lack confidence in the security measures implementedby IoT device manufacturers
90%
Say IoT devices have security and privacy issues that need to be addressed
84%View IoT devices as a top security concern due to increased network entry points
50%Say their department isn’t fully aware how many IoT devices are in use
Sources: Spiceworks, ISACA
47%Expect a cyberattackin the next year
38%Lack the time and staff
NEARLY HALF OF IT PROS DON’T MONITOR IoT DEVICES
47%Don’t see the value
37%Lack the budget
Source: Spiceworks
Insufficient password protection
80%
WHAT MAKES IoT DEVICES A SECURITY RISK?
80%Serious privacy concerns
70%Hackers can identify user accounts
70%Doesn’t encrypt data to the Internet/local network
60%Doesn’t encrypt data during software download
Source: Economist Intelligence Unit
THE MOST COMMON SOURCES OF IoT BREACHES
SNEAK ATTACK: IoT-RELATED HACKS
53%Smart watches, fitness trackers, and other wearables
50%Security camera and other video equipment
46%Locks, gates, and other physical security measures
45%Appliances
41%RFID readers, badge readers, and other sensor devices
39%Thermostats and other environmental controllers
32%Projectors and other peripherals
Source: Spiceworks
Country: Saudi Arabia
Target: Saudi Aramco oil company
Country: Germany
Target: Undisclosed steel mill
Responsible group: Unknown
Act of cyberterrorism: Gained control of smelting furnace, causing it to overheat
Damage: Significantly interrupted mill operations
Responsible group: Cutting Sword of Justice
Act of cyberterrorism: 35,000 workstations breached
Damage: No production impact, though recovery took several months
Source: CNNMoney Source: Wired
Funding the Fight How enterprises are budgeting for the battle against hackers
68%Say their companies
are investing in IoT security in 2016
50%of those are earmarking at least
25%of their security budget
Source: AT&T
ALLOCATIONS FOR IoT SECURITY
44%0-25%
32%26-50%
14%51-75%
4%76-100%
0-25%
26-50%
51-75%
76-100%
Start by thinking about the security impact. What protocols should you put in place? Those concern-ing data transport, privacy, and storage are no brainers. Which is why you should give deep thought to anything you might have missed. Chances are, you’ll have to satisfy either legal or regulatory concerns (perhaps even both).
From there, you’ll want to move on to how you verify IoT devices. Are they intelligent enough to self-identify, or will you need to help them along? Then, there’s the issue of authentication. While some have a native root of trust, others don’t.
Better Safe Than Sorry
What you can do to minimize your IoT liability
When it comes to adopting IoT devices, we offer this advice: be cautiously optimistic. As the preceding facts and figures show, there’s just as much risk as reward. So how can you get the carrot and not the stick?
Beyond recognizing devices, you’ll have to decide how much access you’re willing to grant. You don’t want to impede usability with overly restrictive precautions, but you’ll want to weigh the level of risk in every imaginable scenario. For instance, do you implement lockouts? If so, are they based on idle time or number of attempts?
There’s also the issue of encryption. You’ll likely want to safeguard data as it comes and goes. SLS/TLS encoding is tablestakes, as is a firewall and deep packet inspection. Additionally, you could proactively embed protective measures into the devices (or gateways). The options include antivirus software, whitelisting, and memory protection.
Across a device’s life cycle, you’ll want to require cryptographic signatures, conduct penetration tests, and push patches as required. And what action do you take in the throes of an incident? Do you quarantine or completely shut down? Anything can happen — and likely will — so it’s best to have contingency plans in place.
While all of this seems like an enormous amount of work, the potential upside is indisputable. Enterprises deploying IoT at scale are gaining efficiencies in customer-facing, back-office, and supply-chain operations. You can, too. Using the insights we’ve shared here, you should be able to plan carefully and execute flawlessly.
Anything can happen — and likely will — so it’s best to have contingency plans in place.
PLAN
APLAN
BPLAN
C
For more insights, visit tektonikamag.com
© 2016 HP Development Company, L.P.