{"id":1781,"date":"2019-06-26T02:13:25","date_gmt":"2019-06-26T02:13:25","guid":{"rendered":"http:\/\/kusuaks7\/?p=1386"},"modified":"2023-07-20T13:46:47","modified_gmt":"2023-07-20T13:46:47","slug":"are-connected-devices-out-of-control-managing-iot-risk","status":"publish","type":"post","link":"https:\/\/www.experfy.com\/blog\/iot\/are-connected-devices-out-of-control-managing-iot-risk\/","title":{"rendered":"Are Connected Devices Out of Control? Managing IoT Risk"},"content":{"rendered":"<p>As Internet of Things (IoT) devices multiply in homes, offices, and everywhere in between, it\u2019s time we ask if our connected devices are out of control. The proliferation of these devices presents growing risk management issues for consumers and enterprises alike. Furthering the impression that connected devices are out of the control is the fact that\u00a0<a href=\"https:\/\/www.helpnetsecurity.com\/2019\/05\/09\/iot-third-party-risk\/\" rel=\"noopener\">few companies have a handle on IoT risks<\/a>.<\/p>\n<p>Here are some common ways to manage IoT risk.<\/p>\n<h2>Scan Your Network for All IoT Devices<\/h2>\n<p>Managing IoT risk within an enterprise means starting with awareness. For many enterprises, awareness starts with\u00a0<a href=\"http:\/\/blog.cipher.com\/mitigating-and-managing-iot-security-challenges\" rel=\"noopener\">scanning the corporate network<\/a>\u00a0to identify all IoT devices it touches\u2014typically a job for the pen testing team. Learning the threat landscape can help you and your security team determine the worst case scenarios that IoT devices pose to your enterprise security.<\/p>\n<h2>Set Standard Requirements for Your IoT Devices<\/h2>\n<p>When putting IoT devices within your enterprise, it\u2019s prudent to set documented standard security requirements. This documentation should be kept in a central location and available for reference by acquisitions\/procurement, IT, and\u2014most importantly\u2014your security team.<\/p>\n<h2>Extend Your Existing Security Solutions for IoT<\/h2>\n<p>Rolling out IoT can dramatically increase the number of endpoints you have to protect. There\u2019s bound to be a chance that IoT may strain the capacity of your cyber-defenses. Your IoT project team needs to work with your cybersecurity team to set up and configure new controls as needed to secure the IoT devices.<\/p>\n<h2>Include IoT in Your Security Policies and Training<\/h2>\n<p>IoT devices have snuck into more than one enterprise through either official or unofficial channels in these days of emerging technologies. Make sure that your corporate security policies reflect the implications of IoT threats to your enterprise if you have projects and initiatives that rely on IoT. If you conduct employee security awareness training, it\u2019s time to verify that your training department or external training provider has added IoT security to the training curricula.<\/p>\n<h2>Add IoT to Your Corporate Claims Coverage<\/h2>\n<p>With increasing liability concerns, you must examine your existing insurance policies and consider changes to expand or clarify coverage for possible IoT claims,\u00a0according to Risk Management Magazine.\u00a0This is one of those times that the IT and business departments need to collaborate to ensure that your organization is protected against the legal liabilities that come from an IoT-related breach.<\/p>\n<h2>Define Ownership and Escalation Paths for IoT Security<\/h2>\n<p>You should already have security processes and escalation paths in place for cybersecurity, but IoT security may call for its own ownership and escalation paths to ensure that your in-house IoT experts are on the frontlines of any IoT security threats that may arise.<\/p>\n<h2>Engage Your Corporate Board About IoT Security<\/h2>\n<p>It\u2019s also important that your corporate board talk openly about the security risks that the IoT presents,\u00a0<a href=\"https:\/\/securityboulevard.com\/2019\/04\/the-value-of-risk-committees-and-board-security-engagement\/\" rel=\"noopener\">according to Security Boulevard<\/a>. With security breaches dominating today\u2019s headlines, you don\u2019t want your IoT project to become the next headline. Therefore, engaging your board is a mark of mature security. Having the board involved can help marshal security upgrades and the needed budget for your IoT initiatives.<\/p>\n<h2>Final Thoughts<\/h2>\n<p>Concerns about IoT security risks remain at an all-time high\u2014and well they should. Your organization\u2019s move to the IoT needs to happen in step with fundamental changes to how you handle risk management, security training, endpoint security, and nearly every security and operations task in between to ensure your enterprise security in the IoT age.<\/p>\n<p>This article was originally published in <a href=\"https:\/\/it.toolbox.com\/blogs\/willkelly\/are-connected-devices-out-of-control-managing-iot-risk-061819\" rel=\"noopener\">ToolBox<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Concerns about IoT security risks remain at an all-time high&mdash;and well they should. Your organization&rsquo;s move to the IoT needs to happen in step with fundamental changes to how you handle risk management, security training, endpoint security, and nearly every security and operations task in between to ensure your enterprise security in the IoT age. It&rsquo;s time we ask if our connected devices are out of control. The proliferation of these devices presents growing risk management issues for consumers and enterprises alike.&nbsp;Here are some common ways to manage IoT risk.<\/p>\n","protected":false},"author":582,"featured_media":3111,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[195],"tags":[93],"ppma_author":[3272],"class_list":["post-1781","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-iot","tag-internet-of-things"],"authors":[{"term_id":3272,"user_id":582,"is_guest":0,"slug":"will-kelly","display_name":"Will Kelly","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","user_url":"","last_name":"Kelly","first_name":"Will","job_title":"","description":"Will Kelly is Senior Technical Writer at CSRA Inc, a provider of high-tech IT solutions to the government IT market. He has published bylined articles on a range of topics including DevOps, enterprise mobility, and cloud computing, and other technologies on sites such as SearchITOperations, DevOpsAgenda, Mobile Business Insights, CNET TechRepublic, and others."}],"_links":{"self":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1781","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/users\/582"}],"replies":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/comments?post=1781"}],"version-history":[{"count":5,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1781\/revisions"}],"predecessor-version":[{"id":29451,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1781\/revisions\/29451"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media\/3111"}],"wp:attachment":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media?parent=1781"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/categories?post=1781"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/tags?post=1781"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=1781"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}