The recent Internet of Things-based DDoS attack on Dyn heralded the beginning of a new era for businesses. For better or for worse, industry experts\u2019 warnings about the need to consider all \u201cendpoints\u201d rather than limiting security efforts to workstations and servers were vindicated.\n\n\nThe event should be a wake-up call. Already six in 10 organizations report having some form of Internet of Things (IoT) initiative underway, and only 15 percent of businesses have no plan to adopt IoT devices, according to a recent report by my organization, CompTIA. By 2020, the number of connected devices is expected to reach 50 billion, a new, massive and complex expansion of the security landscape.\n\n\nIoT networking norms are still a work in progress, complicated by competing standardization efforts. Without a unified set of behavioral expectations, business leaders must confront a \u201cWild West\u201d of connected devices. This places an emphasis on defending their organizations through proactive security focused around monitoring, threat isolation and operational contingency.\n\nSecurity monitoring and planning\n\nNow more than ever, organizations are dependent on their service providers. From DNS and web hosting to public cloud platforms, a rogue army of connected devices can do immense damage without ever penetrating your organization\u2019s defenses. In the past, only the largest and most sophisticated actors could hope to disrupt the services of major vendors, but billions of unsecured IoT devices place everyone at risk.\n\n\nWhile there are some steps organizations can take to protect their own publicly-facing assets, like DDoS protection services on high-traffic websites, many areas are out of their direct control. As a result, relying on a single vendor for a critical service exposes organizations to immense risk. Where possible, businesses should diversify their vendor relationships to ensure operational continuity even when one experiences a service disruption.\n\n\nMulti-cloud solutions will also play an important role in ensuring operational integrity. Mission-critical functions in the cloud should not be dependent on any single provider, or your business operations can become extremely fragile. An outage at one of your vendor\u2019s own partners \u2014 a firm you\u2019ve potentially never contracted with or even heard of \u2014 can interrupt your own operations. Many cloud platforms offer multi-cloud support for precisely these situations, mitigating the liability of using just one vendor.\n\nBeing a good digital citizen\n\nBusiness leaders also need to keep a close eye on their own networks, especially with regard to IoT devices. While this doesn\u2019t directly affect your own firm\u2019s security, organizations that negligently allow connected devices \u2014 like beacons or machine asset control devices \u2014 to become compromised and join in an attack are unlikely to inspire trust in their customers or the media.\n\n\nMany connected devices lack the security capabilities common to servers and workstations, forcing security professionals to concentrate their efforts at the network level. Businesses have long made use of traffic monitoring and shaping tools to improve network reliability and efficiency, but these will become essential to ensuring your firm is not an unwilling participant in the next major DDoS attack.\n\n\nThankfully, many businesses have already invested in some technology that will prove vital to long-term security as connected devices grow and diversify. In particular, network intrusion detection and prevention systems provide the oversight necessary to protect your firm\u2019s connected devices from becoming part of a malicious botnet.\n\n\nIf they have not already, now is the time to invest in network traffic monitoring tools, paying special attention to where IoT devices are connecting and how much traffic they generate. With only a minimal level of effort, organizations can use their existing firewall to monitor and control the flow of traffic from connected devices.\n\nPreparing for a more connected future\n\nThere are already nearly 23 billion IoT devices connected to the internet, a number that will more than double within four years. Organizations need to invest time and resources in defending their own connected devices from infection through enhanced network security, while reducing susceptibility to service interruptions caused by IoT DDoS attacks.\n\n\nBy focusing on both traditional security measures like intrusion detection and newer strategies like multi-cloud infrastructure, businesses can prepare to face the challenges and opportunities in connected devices without fear.