CISOs Increase Unauthorized Device Detection to Combat Expanding Attack Surface
Paul Paget, CEO – Pwnie Express – Boston, MA, USA
2015 will see the rise of security issues associated with BYOD and IoT devices at work, which simultaneously improve productivity and increase the total attack surface area. With this expanded surface area, continuous detection will become both more challenging and more important – especially at remote and branch offices where a corporate security presence often is less prominent. CISOs/CSOs will need to invest in increasing the visibility and monitoring of their entire company network for rogue and/or unknown devices while maintaining strong preventative security. Adding to the new security paradigm of BYOD and IoT devices, an HP-commissioned survey found that 70% of all commonly used connected devices contain serious vulnerabilities, meaning that the surge of IoT and BYOD devices connecting via wireless, Bluetooth, USB, etc. will introduce more potential breach points into the enterprise. Combining HP’s research with IDC’s latest prediction that 90% of all IT networks will have an IoT-based security breach within two years, 2015 will be the year to implement new IoT and BYOD security policies and technologies. CISOs/CSOs will shift towards finding the right balance between prevention and detection, including smartly investing security budgets in high-impact initiatives such as real-time monitoring and alerting for unauthorized and rogue devices. As BYOD and IoT devices increase security risks, the only way to prevent an attack or effectively respond when an attack gets through is to know how and where it’s happening.
- BYOD and IoT Security
- Detection of Wired, Wireless, Bluetooth and All Other Devices
- Continuous Visibility Into What Is Connected Across the Enterprise, Both at Headquarters and Remote and Branch Offices
Direction for CSOs:
- Focus on what you’re investing money in, not how much money you’re investing.
- Embrace the productivity benefits of BYOD and IoT devices, but ensure visibility to offset the potential security risks that accompany their use.
- Remember that attackers seek the weakest link, which is often the remote or branch office.