What are your top IoT security concerns?

1.2k views5 Comments

Director of IT in Software, 1,001 - 5,000 employees
Now that we're in this COVID environment, the main thing we're talking about is securing our devices, assets, the networks they leverage, and such. We're actually going through a device trust roll out right now, to train everyone on how they should manipulate these devices that we're enabling and empowering them with to be effective and efficient.  The main thing is securing these devices. Yes, we like to have cool things, we like to have things operate quickly.  But the thing that keeps me up at night is, what are we introducing to our environment? What kind of vulnerabilities are we creating by allowing more tools to exist? How can I make sure we're being safe and secure?
1 2 Replies
CISO in Software, 51 - 200 employees

I had that issue at a previous company.  Once we engaged with Armis we could discover all the devices we had in our environment, it turned out that we had 100x more than what we thought we had. We were discovering cars, watches, cameras, and everything else.  It turned out one of our cameras on one of our buildings was compromised, and that's how the attacker got into our environment. Armis could detect what's normal behavior for this type of device, since you can't put an agent on it, and if it does something out of the ordinary it would catch it and tell you about it.  That's where we went with this kind of security.

Director of IT in Software, 1,001 - 5,000 employees

We've launched a new platform within our marketplace called DashMart. We're essentially building warehouses across the US now, that are housing my network equipment. We have people in these warehouse capacities who are working shift work around the clock which introduces new vulnerabilities that are touching and living within my corporate network. I can't fight it. So I have to find a way to secure it. I can't stress that enough.

CISO in Software, 51 - 200 employees
I've been doing healthcare IT for the last 17 years, and whether we knew it or not, if you're running a lab, then you have all these robots, machines, etc. that are on your network. They’re either connected through a serial port to a computer that never gets patched, or it could be an X Ray machine at a hospital...it could be anything. I know a lot of people are struggling with protecting all these devices which are unmanageable.
VP of Technology, 51 - 200 employees
I was reading an article saying how in 2018 there were over 20 billion IoT devices connected, but by 2025 they expect it to be close to 80 billion IoT devices.  The way we’ve been dealing with IoT is securing the corporate Wi-Fi, the network, and making sure that there's some type of authentication to get to some of the crown jewels, if you will...and then just keeping it as an untrusted network. We just say “Here is our mobile Wi-Fi” and tons of things connect to it. We have the occasional apple watch on there, or someone’s personal phone, etc.  The reality now is these same clients are connecting from their home networks.  So the perimeter has suddenly expanded.  Before, I’d worry about having nest devices in our corporate office.  We’d make sure it's locked down.  We have devices that would ping me about something happening with traffic that I should take a look at. But now, the devices are in somebody's home network.  Who knows what type of devices they have in their home and which one gets compromised... and then boom, there's your attack vector. 5g is going to help, but the amount of IoT devices is just mind boggling.

Content you might like

Cyber insurance with ransomware coverage44%

Law enforcement contact(s)44%

Ransomware response plan60%

Ransomware task force/team39%

Bitcoin account for ransomware payments14%

Disaster recovery site33%

Other (comment below)1%



Fraud mitigation19%

Protection of reputation and brand56%

Protection of consumer data19%

Regulatory or compliance requirements6%



CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
42.2k views131 Upvotes319 Comments