Forbes just reported that “the average cost of a data breach has reached $4 million, up 30% from 2013.” The article shows that time is of the essence when measuring the costs a breach may inflict. For example, if the breach is identified in less than 100 days, the cost is averages a mere $3.23 million while those that were undiscovered until after 100 days could cost an average of $4.38 million for repairs and reparations. What a difference a few days can make when it comes to controlling the costs associated with repairing the damage of a data breach.
No company is immune to data breaches. Every organization, whether it’s in manufacturing, retail, transportation, communications, real estate or any other industry segment, faces a security threat from its Internet of Things (IoT).
These “things” refer to any physical assets that connect to the Internet. Printers, servers, conference phones, security cameras, production-line robots and even HVAC systems connect to the Internet to provide access, oversight and convenience. As prolific as IoT is, we are still at the tip of the iceberg with Gartner estimating that 21 billion devices will be connected by the year 2020.
Leverage the Value of IoT – But Make it Secure
With all the convenience IoT provides to access and control systems, at the same time it creates new opportunities for hackers to gain access to your networks and sensitive data. But today’s hackers are not just interested in stealing credit cards or social security numbers, they also target research and development files, business plans and confidential corporate communications. It all has a value on the black market. The need for cybersecurity is critical in today’s environment.
How can you leverage IoT technologies for the value it brings to your organization without allowing hackers access to your system? Avoiding the adoption of new technology is not a feasible long-term answer. Rather, proceeding with caution and understanding security risk and vulnerabilities associated with these technologies is necessary.
Here are three key suggestions from our Cyber team:
- Do your homework. Understand the vulnerabilities in IoT technologies you integrate into your organization. Their vulnerabilities become your vulnerabilities. Routinely check for vendor updates and publicly published security advisories for the devices you use.
- Conduct regular penetration testing. Hire experts to help you expose vulnerabilities through regular penetration testing.
- Use a layered defense. Use firewalls and other forms of access control to prevent attackers from gaining easy access to devices.
As the IoT continues to permeate every organization, hackers will increasingly target IoT devices. Take time to understand where vulnerabilities exist in your system through regular cybersecurity checks.
I look forward to hearing your comments or questions.
For weekly insights into enterprise complexity, please sign up here: