Half of UK Firms Admit to Unknown Network Devices
Almost three million UK businesses could be exposing themselves to cyber-threats by having unknown devices on their network, according to new Forescout research.
The security vendor polled over 500 IT decision makers in the UK to better understand their exposure to IoT threats.
It found that half (49%) of respondents have unknown third-party devices on their networks. That represents over 2.8 million businesses at official 2018 levels. The figure is up slightly in percentage terms on the vendor’s April 2018 findings, although it could represent as many as 110,000 extra firms using the same extrapolation.
The findings come despite a vast majority of IT decision makers (85%) admitting that a lack of visibility and control of devices on their network poses a security risk.
These challenges are only set to increase as enterprises witness an explosion of IoT endpoints. Gartner predicts that there will be over 20 billion connected things in use worldwide by 2020, with business spend representing nearly half of the total, at over $1.4tn.
According to Forescout, 69% of organizations say they now have over 1000 smart devices, whilst a fifth (19%) claim they run more than 10,000 IoT devices on their network.
Over half (58%) of those it spoke to for this research agreed that by centralizing management and oversight of IT and OT, they can eradicate the dangerous security blind spots that convergence of the two functions is creating.
However, this can be easier said than done, with cultural and other barriers often getting in the way. That might account for why just half (49%) of responding IT leaders claimed to have followed such an approach.
Unfortunately, IoT security is still not being given the attention it deserves in many organizations: sometimes because devices are brought in without the knowledge of the IT department.
A Trend Micro poll of 1150 global IT and security decision-makers last year found that 43% regard IoT security as an afterthought, and only 38% get security teams involved in the implementation process for new projects.
Source: Information Security Magazine