Dubai: The biggest digital threat right now is the advent of the Internet of Things (IoT), a security industry expert said on Wednesday.
“There is never going to be a regulatory standard for IoT. There will always be new companies coming out with new devices,” Brian Gumbel, senior vice-president for worldwide sales at Forescout, told Gulf News on the sidelines of the Chief Information Security Officer (CISO) round-table hosted by International Data Corporation.
IoT refers to the growing network of computing devices embedded in everyday objects, which enables them to send and receive data over the internet. These devices can include clocks, cameras and home security devices.
The entire IoT ecosystem needs to be secured. There were IoT breaches such as [when] internet performance management company Dyn found themselves knocked off the Internet due to massive distributed denial of service attack [DDoS].”
- Ranjit Rajan | Associate vice-president for research at IDC’s Middle East, Turkey and Africa region
Gumbel said that due to companies constantly developing new devices, there is always going to be new threats.
“Last year, it was ransomware and this year it is cryptocurrency. You need to have full visibility over your entire network to detect what the next threat is going to be. Visibility is the next big thing in security. A couple of years back, we had 10 billion devices connected to the network and we will have 29 billion devices connected by 2020,” he said.
Moreover, he said that most businesses do not have full visibility over devices connected to the networks, which means that they cannot identify every device.
“Hackers have to get it right only once to gain a foothold in the network and cause business disruption,” he said.
Ranjit Rajan, associate vice-president for research at IDC’s Middle East, Turkey and Africa region, said that 2018 will be the breakout year for IoT.
“Everyone wants to leverage IoT by adding more devices and things. The devices and things are one part of the IoT ecosystem, then you have the networks, IoT platforms, analytical apps and engines, and databases.
“The entire IoT ecosystem needs to be secured. There were IoT breaches such as [when] internet performance management company Dyn found themselves knocked off the Internet due to massive distributed denial of service attack (DDoS),” he said.
With the proliferation and adding of new things to the network, he said it will add more “vulnerabilities and much more than what we had before. It is also important to have an IoT-risk assessment programme,” he said.
Digital transformation is gaining traction globally and regionally but, at the same time, security incidents are also becoming more complex and persistent than ever before, he said.
According to him 50 per cent of the global GDP will be digitised by 2021, adding that the world is at the tipping point in the digital transformation journey.
“The use and adoption of digital technologies will certainly put pressure on the current IT security management. Already, there are skills challenges and the new technologies will aggregate the situation. Security needs to be at the core of the transformation vision. Business needs to fund security and security should be a business problem,” he said.
He added that the role of chief information security officer continues to evolve.
“Now he has to be an expert on security, a trusted adviser, people manager, communicator, and be always informed,” he said.
Gumbel added that convergence between IT and operational technology (OT) is a big problem today.
OT systems are machinery equipment, assets monitoring systems and control systems.
“The convergence is where businesses are looking to drive some major efficiency gains,” he said.