Andrew Hay to moderate a panel at the RSA Conference
Do you know many Internet of Things devices are currently connected to your company’s network? More importantly, do you know if any of those devices contain vulnerabilities that could leave your sensitive data exposed to hackers and thieves? Recent findings show that 50% of organizations surveyed believe the IT department is unaware of all the company’s IoT devices and 73% rate the likelihood of the organization being hacked through those devices medium or high. Yet few companies have policies in place to govern how employees use these devices—the same study found that 73% of IT professionals don’t believe that IT industry security standards sufficiently address the IoT.
Fitness trackers, smartwatches, wireless speakers and the like are connecting to corporate networks every day—even in highly regulated industries—without undergoing the same level of scrutiny as appliances introduced by the IT staff. Our CISO Andrew Hay, an expert in IoT security concerns, says, “We’re just plugging these into the sensitive networks, when they’ve been designed for the home and tested only as consumer devices.” Andrew says when he began his research in 2014, he was surprised to find so many consumer storage devices connecting to the Internet in regulated industries like healthcare and financial services. In many cases, they were connecting to infrastructure that was susceptible to patchable vulnerabilities.
At the 2016 RSA Conference, Andrew will lead a discussion on the security implications of consumer IoT devices being introduced into modern business environments. The discussion, Enterprise Security Concerns for Consumer IoT Devices, is designed to explore the known threats and vulnerabilities of employee-owned connected devices. The session will also cover security policies, procedures, and controls that organizations can put in place to protect themselves and their data.
Attending the 2016 RSA Conference? Check out Andrew’s panel on Thursday, March 3, 2016, 3:20 PM – 4:10 PM.Like This