It’s estimated that in 2022 there are more than 23 billion connected devices around the world. In the next two years this number is likely to reach 50 billion, which is cause for concern. With so many devices linking systems it is going to create more vulnerabilities and more risks for businesses.
There’s absolutely no doubt that cyber security is an essential for every business. Most are confident that they have an attack surface in place. But with ever changing threats how do you know if it’s sufficient? Especially with the increase in the number of connections and the very real risk that many assets aren’t known or visible.
Why visibility matters
Cyber security is about protecting business assets to maintain the ability to operate effectively. But without knowing what technology asset’s a business has, how they’re connected and what their purpose is, it’s difficult to manage and secure them. More critically, it’s impossible to make good decisions about cybersecurity or business operations.
When taking about assets, this goes beyond computers or network routers in an office. It could be a sensor on a solar array linked to an inverter that powers a commercial building. In the medical field it could be a scanner or a diffusion pump in a hospital. Understanding what version of operating system (OS) a medical device has is as important as knowing what software the accounting system runs on. A very old version may no longer be supported and this could lead to vulnerabilities, given how connected systems are.
As an example: A medical infusion device was hooked up to a patient in a hospital. It the middle of the treatment it was observed that the device had malware on it. Normally the response would be to shut an infected device down and quarantine it. But in this particular medical context it wasn’t possible because it could have affected the well-being of the patient. Instead, it required a different approach. Nursing staff were sent to sit with the patient and monitor them to make sure the malware didn’t affect the treatment they were receiving. Then plans were set in place to begin to isolate the device as soon as the treatment was completed, and send it in for remediation. This highlights why context is so important.
Understanding what assets form part of business also requires understanding their context at a deeper level. Where are the assets located? What the role they perform? How critical are those assets to business operations and continuity? What’s the risk if they become compromised? And how do you remediate any vulnerabilities that are found?
Has work-from-home increased system risks?
At the start of the pandemic the priority for many businesses was continuity. i.e. finding ways to enable employee to work from home and have them connected to all the systems they needed to be, in order to achieve that. It’s fundamentally changed the way of working, especially as many businesses continue to embrace work from home and hybrid flexible working models. Employees have access to databases, SaaS systems, and they’re interacting with colleagues in locations across the globe. It’s all been made possible by the ability to connect anywhere in the world, but it’s not without risks. Now, post-pandemic, many of the vulnerabilities are starting to come to the fore and businesses aren’t always sure how to manage them.
In terms of assets, it’s resulted in an acceleration of a porous perimeter because it’s allowed other assets to be connected to the same networks that have access to corporate systems. By creating an access point for users, it has opened up connectivity to supposedly secured business operating systems through other devices that have been plugged in. Worse is that most businesses don’t have any visibility as to what those connected devices are. Without a way to scan an entire system to see what’s connected, where it’s connected and why it’s connected, it leaves a business vulnerable. These vulnerabilities are likely to increase in the future as more and more devices become connected in the global workplace.
What are the critical considerations for business enterprises moving forward?
Currently there is too much noise on systems and this is only going to get worse as connectivity increases. Businesses need to find ways to correlate and rationalize the data they’re working with to make it more workable and actionable. This will help to provide context and allow businesses focus on the right things that make the most impact for the business, such as are continuity of business operations and resilience.
An example is being able to examine many different factors about an asset to generate a risk score about that particular asset. This includes non-IT assets that typically aren’t scanned because there isn’t an awareness that they exist. The ability to passively scan for vulnerabilities across all assets enables businesses to know what they’re working with. It gives teams the opportunity to focus on the critical areas of business and supporting assets - both primary and secondary. Just having the right context enables people to make better decisions on where to prioritize their efforts and resources. This ability to focus is going to become even more critical as the volume of assets and connections increase globally and the risks and vulnerabilities alongside them.
To learn more about getting a handle on business deployments listen to a recent SynerComm’s IT Trendsetter’s podcast with Armis in which they discuss the topic in more detail. Alternatively, you can also reach out to Synercomm.