December 10, 2018 The Destructive Impact of a Breach

The rising need to secure connected devices in the vulnerable world of IoT.

December 5, 2018

By Doug Concepcion, Director Security Solutions Engineering at Micro Strategies

Today, businesses can no longer afford to view cybersecurity as an afterthought in the budget planning process. Due to the magnitude of the ramifications that can happen from a lack of investment in cyber security, it should be at the forefront of business efforts – helping to protect from the destructive impact that a breach can have on any organization.

Industries across the board have become a recent target of ransomware, data breaches, and cyber-attacks. IoT is quickly becoming a pressing issue for businesses, highlighting the urgency to properly safeguard any and all connected devices – ranging from smart home technology such as refrigerators, air conditioning systems, and surveillance cameras, to pulmonary medication dispensers, imaging system devices, and more.

These connected IoT devices can often be at risk due to their inability to be patched.

On that same note, the majority of these security vulnerabilities arise due to the use of unpatched firmware, as well as outdated applications and operating systems. Major breaches are also frequent through a third party performing a service for an organization. When businesses hire third parties for financial matters, they can unintentionally become a target to hackers.

Inconsistent cybersecurity and insufficient regulation are main culprits for these security risk cases. For example, in the healthcare industry, hospitals are often straggling behind when it comes to incorporating the necessary measures of device protection. Not to mention, the risk inherent in the security of patient data is only set to escalate, as more healthcare institutions inevitably implement connected devices to enhance patient care and lower cost. With these benefits in mind – the presence of various facets of IoT within the business can be expected to rapidly expand.

In fact, Accenture recently reported that In their survey of more than 1,400 C-Suite executives, including Chief Information Security Officers, 77 percent of respondents said IoT technology will increase cyber risk moderately to significantly. The report also showed that top executives are also highly concerned with potential dangers of sharing data with third parties, with more than 70 percent of respondents saying they expect data exchanges with strategic partners and other third parties to raise cyber risk – and 80 percent anticipating that the number of third parties and strategic partners in their ecosystems will increase in the next three years.[1]

So, an ever-prevailing voice in the minds of providers is asking how to best secure these devices.

One way to combat these risks is by leveraging machine learning. Machine learning enables data exchanges to be monitored both within the organization and with external parties, to detect anomalies that fall outside of what normally occurs. Machine learning can also lend a hand in predicting threats, by analyzing historical data from specific trends, which can then be evaluated from the big data produced by the algorithms.

Machine learning has the ability to detect activity on the network and endpoints in real-time, therefore equipping an organization with all-inclusive enterprise detection and protection technology, and enabling the monitoring of activity across all devices.

An important factor to note is that machine learning cannot rely on legacy systems. Failing to update back-end systems can produce a harmful domino effect, as hackers now have tools that can easily outsmart these dated systems. In order to protect the business, patients, and data alike – companies need to pair behavioral analysis with supervised machinery, also known as: human monitoring of the technology. When this, alongside data loss prevention and endpoint security technologies are properly integrated, it can avoid the potentially disastrous consequences of a breach that goes undetected.

Of prime importance is the fact that in order for organizations to preserve control of these systems, constant visibility is key. While connected devices can vastly help industries as a whole and consumers alike, in the same breath, they can introduce significant threats and serve as points of detrimental entry.

The main point here is to not let your connected infrastructure become poorly managed. These IoT devices are more than just technology; they are gateways to help save lives, while simplifying and bettering healthcare services as a whole. Working with partners who are experts in cybersecurity can paint a clear picture of your current connected framework, and set the organization up to be best secured in an ever-expanding Internet of Things environment.

About Micro Strategies
Leveraging extensive business process and IT expertise, Micro Strategies utilizes technology to deliver business results. Its consultative and customer-centric approach allows the tailoring of end-to-end solutions from infrastructure to line-of-business software for organizations across a range of industries. For more information, go to https://microstrat.com

Douglas Concepcion
Doug is an IT security professional with over 23 years experience in networking and security. Currently he leads the Security Department at Micro Strategies and acts as the corporate CISO where he manages Incident Response Teams. Additionally, he consults for companies looking for CISO level assistance.

Doug’s past security roles included the United Nations and one of the largest non-profit health care systems in the US. While at the United Nations he developed the present IT architecture, addressing their security and networking requirements as well as implemented the Disaster Recovery and Business Continuity Plan for the organization.

Doug was nominated for Information Security Executive of the year, has been featured in numerous publications and is an accomplished IT Security Public Speaker.

[1] https://www.accenture.com/t20180710T092919Z__w__/us-en/_acnmedia/PDF-81/Accenture-Build-Pervasive-Cyber-Resilience-Now-Landscape.pdf

Subscribe to Industry Today