Protecting your expanding digital landscape

You can’t protect what you can’t see. Matt Poulton at Forescout explains how to keep ever-expanding digital networks secure

How many devices are on your digital network? This seems like a straight-forward question for businesses today. But in reality, when it comes to answering it, very few organisations will get it correct.

Today, companies typically use thousands of connected devices to maximise productivity, improve efficiency and cut costs. However, as their networks grow, their attack surface also expands, while the accuracy of their technology inventories decreases.

Most organisations will know the number of company-owned laptops and computers on their networks. But when it comes to smart technology, they will often have no idea.

The explosion in connected devices, such as mobiles, smart appliances and the Internet of Things (IoT), and the advent of working from home as the new normal, means they will often base their numbers on estimations, which results in them missing of as many as 30 – 40 per cent of the actual devices connected to their network.

When thinking about the consequences of this, it is far greater than just a mathematical problem. Every connected device on an organisation’s network poses a cyber-security or compliance risk when it is not secured properly. Each device therefore needs to be treated as a potentially exploitable door that cyber criminals could target.

But applying security is an impossible task when you don’t know what is on your network. After all, you can’t protect what you can’t see.

So how can businesses overcome this risk?

Take stock of your digital stock

Firstly, it is important to realise you have an unknown number of devices on your network and then you must take steps to inventory them.

Consider all devices, from connected lighting to desktop PCs, because today these are all being watched and targeted by cyber attackers. Technology leaders can then use this inventory to determine the highest risk areas and ensure proper mitigation efforts are put in place.

When it comes to carrying out this inventory, the vast expansion of networks means manual assessments are no longer viable. Instead, organisations need to implement technology solutions which can run automatic scans on their network to help identify devices.

To improve efficiency, the best tools for this task should be able track all device domains, spanning across IT, Operational Technology, Internet of Medical Things, and Internet of Things devices. These tools should also continuously monitor the network for new devices, automatically detecting new connections, so there are no visibility gaps that could put the organisation at risk.

Once you have a complete inventory of all the devices, it is time to start running security and compliance assessments. What does each device do? Who is using each device? What do the devices have access to? Are the devices compliant with industry regulations?

These are all important questions that must be asked and answered. This can also be carried through the use of technology platforms which can automatically assess the security and compliance requirements of devices continuously.

The focus must be on giving each connected device the minimum amount of privilege. This means if an attacker does gain access to it, they will have a limited ability in what they can do, how they can spread across the network and what they can gain access to.

It is also important to make sure all devices are up-to-date with the latest vulnerability patches and try to segment the network as much as possible. Keep less secure technology away from mission critical systems to prevent lateral movement attacks.

Once you have carried out this initial inventory and security assessment, it is time to move forward with automation. With cyber-security resources and skills so scare, automation is the key to maintaining a robust security posture. This means getting to a place when security platforms can automatically run these network inventories and then apply security and compliance requirements to each device as the network expands.

Device discovery, classification and assessment isn’t a once-and-done activity. It must be completed automatically upon the connection of each device and continuously thereafter, as configurations change.

Visibility – the key to a secure future

Cyber-security breaches have become the new normal for businesses today and their risk exposure grows as their networks expand. It is therefore critical that they take steps to reduce this risk by improving visibility of all connected devices and taking steps to secure them against cyber threats. 

Visibility and asset management lay the foundation for network security. You can’t protect what you can’t see. The number of connected devices will continue to rise as more functions become “smart” or automated. That’s called progress, but security needs to keep up with the pace of innovation.

The best way to achieve this is through the implementation of security automation platforms that can monitor, assess and remediate device risks continuously. This will ensure security runs in tandem with digitalisation, allowing organisations to reap all the benefits of smart technology and innovation securely.

Matt Poulton is GM & VP EMEA at Forescout

Main image courtesy of iStockPhoto.com