Rethinking IoT Security: It's Not About the Devices

Rethinking IoT Security: It's Not About the Devices
Keeping IoT safe in the future will require securing the networks themselves. Focusing on the devices is a never-ending battle that will only become more burdensome.

Across the rapidly changing enterprise landscape, Internet of Things (IoT) security is top of mind for most organizations. As cybersecurity leaders, we know that the growing amount of IoT devices means more data and more opportunities for attackers.


The risk that organizations face is exacerbated by the pace of IoT adoption — a forecast from International Data Corporation estimates that there will be 41.6 billion connected IoT devices, or "things," by 2025.


In addition, the COVID-19 pandemic has demolished the enterprise network perimeter. Networks are now highly distributed, including remote branches, mobile employees, and even the home, leaving many organizations with little visibility into these IoT devices and traffic.


Further compounding the issue, these distributed networks of IoT devices, which now include personal IoT devices, are relied upon to carry sensitive enterprise data, with 98% of existing IoT device traffic left unencrypted.


Today's cybersecurity leaders need a new approach, moving past a limited focus on securing connected devices to instead create resilient networks that are ready-made for IoT.


Traditional Security Posture OutdatedEven if we ignore the lack of options for securing IoT devices themselves, there are too many and different types of devices to expect a uniform standard for device security. The challenge of scale and complexity would be impossible to solve.


While traditional IT security is designed to catch threats that have made it past the perimeter, it can take an aver ..