Armis advises decision-makers in companies to rely on simple overall solutions for their asset management
[datensicherheit.de, 16.12.2021] The results of a current large survey by Armis for the so-called DACH region (Germany – Austria – Switzerland) show, according to their own information, that decision-makers are looking for simple overall solutions for the asset management of their devices networked via the Internet of Things and Services (IoT) and machines should put. In this online survey, YouGov Deutschland GmbH asked people who “Work at least in middle management and / or in IT”: Overall be 1,305 people interviewed – 505 of them in Germany, 400 in Austria and Switzerland each Taken September 17, 2021.
Foto: Arms
–
Alexander Bünning: When it comes to assessing the risk of undiscovered IoT devices in companies, opinions are divided …
Far too few decision-makers in companies have an overview of all their IoT devices
Armis has announced the results of a survey from September 2021 for the DACH region. Their results made it clear “That too few decision-makers have an overview of all IoT devices and do not have suitable measures for detection and classification”. In the DACH area less than the half of the 1,305 respondents said they knew the exact number of IoT devices they used (45% each in Germany / D and Austria / A and 44% in Switzerland / CH).
Bünning comments: “When it comes to assessing the risk of undiscovered devices, opinions are divided. The number of respondents who rate the risk as ‘low’ roughly corresponds to the number of those who rate the risk as ‘high’ (36% in Germany, 37% and 38% in A, 35% and 38% in CH). “ The other participants made up their minds about it no thoughts or could not make a statement on this.
Hardly half of the respondents saw a risk in the IoT devices that were not recorded in their company …
“Nevertheless, in the following question, the majority thinks it is ‘likely’ or ‘very likely’ that their devices will forward data over the Internet and that their devices and thus their data can be accessed (65% in Germany, 72% in A and 74% in CH) “, reports Bünning. However, around half of the respondents in Germany and Austria (46% and 48%) would reluctant to do without IoT devices in favor of higher data security, in Switzerland 41 percent.
Only about half of the respondents in Germany and Austria are sure “That all smart devices are recorded in your company (51% in Germany, 53% in A), in Switzerland 46 percent are certain”. The rest some guess Coverage gaps. For less than half of the respondents discontinued IoT devices that were not recorded “Risk to IT security” (42% in D, 43% in A and 37% in CH). Only 14 percent of the respondents from Germany and Austria know commercial application platforms for recognizing and classifying IoT, in Switzerland twelve percent. In Austria and Switzerland, more than half (54% and 51%), and in Germany 44%, assumed that a competent IT team would need a manual search for undiscovered devices.
Undiscovered IoT devices are, in principle, a security risk for every company!
Bünning emphasizes expressly and warningly: “Undiscovered IoT devices represent a security risk for every company, because they communicate via the Internet and thus represent an unknown gateway.” IT departments should therefore also have this Detect devices and classify them accordingly, because only the complete recording of all assets offers the basis for a successful risk management.
IT departments could do this detection, however do not do it manually – there are too many devices with potentially unknown vulnerabilities that they should rely on automated technologies. “Decision makers can reduce risks if their IT departments are provided with the right tools”, advises Bünning in conclusion.
Further information on the topic:
datensicherheit.de, 30.03.2021
Once again, IoT devices became the gateway for hackers / criminals were able to spy on Tesla, Cloudfare and prisons via IoT security cameras
datensicherheit.de, 06.03.2020
Shadow IoT: How to shed light on the darkness / threat landscape in constant change
–
