The Internet of Things (IoT), cloud-based service delivery, and enterprise social media all promise tremendous benefits in agility, innovation, collaboration, and marketing. Yet each carry significant new security risks. We can provide guidance on how to raise awareness and address these new threat vectors.
Many companies have reaped the tremendous benefits from IoT devices, but these new devices produce more data and demand more storage. The devices are also physical things, which change the scope of security risks. In order to defend against these new threat vectors, organizations need to rethink access and storage to strengthen security. Know the most common vulnerabilities for the IoT devices, which range from insufficient security controls to web interface authentication.
It’s important for every corporation to know the risks they are facing. Continued risk assessment is critical as new technologies present new threats. Risk assessment and incident response plans should be revisited and reflective of the on-going changes to the threat landscape.
Awareness training becomes even more critical as more employees collaborate through new innovations. Users often don’t know when an application needs to be patched, so focusing on communicating and sharing information will keep employees informed and remind them of the habits of healthy cyber behavior. Making security a consistent part of corporate culture will help employees stay alert and informed of common threats.
Layered defense, segmenting the network, and encrypting everything continue to be tactics that help to mitigate risks. Know what you are defending against and ensure that everyone has a shared responsibility in protecting the enterprise.