Published on the 26/02/2015 | Written by Beverley Head
Gartner estimates that right now there are barely any enterprises which have formal plans to address aggressive cybersecurity business disruption attacks via the internet of things, but things are changing rapidly…
By 2018 Gartner expects 40 percent of large enterprises will put in place formal plans to deal with the chance of such attacks.
Part of the problem that enterprise now faces is that the rapid rise of internet-of-things deployments makes them more vulnerable by “expanding the attack surface,” according to Gartner. Although the IoT can boost the amount of information available to an enterprise, streamline operations and boost efficiency, if IoT devices are not available or reliable then business transactions may not complete, damaging customer relations and damming revenue streams, and the information available to run a business day by day could be compromised.
Gartner argues it’s not possible to stop attacks completely – but that it is critical to keep a watch eye for them in order to be able to take remedial action as soon as possible.
Not surprisingly enterprise security was a theme at the TechLeaders conference in the Blue Mountains, NSW, this week.
Security intelligence business LogRhythm’s director of sales for ANZ Simon Howe warned of an “expanding cyber threat” arising from individuals wielding political, economic, ideological and criminal cyber-cudgels; “this is not about scrip kiddies in their bedroom,” he said.
Like Gartner, Howe said: “We need a change of perspective to assume we are going to be breached, that it is simply going to happen – this is not a matter of if but when. If and organisation suggests they haven’t been breached they are not looking hard enough or not looking at all.”
He said that by finer monitoring of systems it would be possible to identify breaches or attacks earlier, adding, “if we can reduce the time to detect…we massively reduce the cost of that breach”.
Some companies are also looking to offer consumer solutions to the IoT security threat. Bogdan Botezatu, Bitdefender senior threat analyst said that 38 percent of Australians now had some form of IoT smart device, and one in ten trusted their physical security to those devices – yet none had secured the devices even though “hacking your smart-home is a 15 minute job”. In April Bitdefender will launch a device called The Box costing US$199 (plus an annual service fee thereafter) which will filter traffic to IoT devices in the home, stopping all malicious attacks coming from the outside. The Australasian launch is planned for later in 2015.
Assuming the worst and systems are indeed compromised or collapsed Andrew Martin, APJ director for Zerto said that companies needed to be aware they needed to tweak their business continuity plans because the “recovery point objective needs to be much shorter, recovery time objective needs to be much faster” due to enterprise reliance on information systems. The company has sold its rapid response business continuity solutions to banking, government, finance and online retailers in Australia. It is planning to offer its service via the Amazon cloud from April.
*The author attended TechLeaders as a guest of MediaConnect.
