Why is IoT Endpoint Protection Nowhere to be Found?

There is a nearly endless number of cybersecurity companies out there. Security experts are always finding new, improved, or even just different ways to defend our networks and devices, so an already crowded market continues to fill with security solutions. On the flip side are enterprise security teams, bombarded by cold calls and emails from these vendors. Nowadays it’s almost a sure thing that the rare salesperson who slips through the phone screen will receive a boilerplate “Thanks, but no thanks.”

Even if you zoom in on the platforms comprising an enterprise’s most basic, foundational security, Endpoint Protection Platforms (EPP), the list is still long. Differentiation is key, never mind telling apart the already long list of EPP acronyms – EDR, MDR, XDR and more. Gartner’s Magic Quadrant for Endpoint Protection Platform puts a whopping 18 vendors in the EPP space alone, and industry veterans know there are many quality names left off that list.

Even the niches of this industry are now mature, so how does one explain that products protecting some of our most common connected endpoints – more than 30% of the average CISO’s fleet – are virtually nonexistent? Embedded security of IoT devices is neglected to a frightening degree for 2022. Why is IoT Endpoint Protection nowhere to be found?

IoT Devices Sure Are Important Enough

It’s not because IoT devices are incapable of being attacked. Of course they aren’t. Attacks on IoT devices are on the rise: Last year Kaspersky recorded 1.51 billion breaches in just 6 months. That was more than double the previous year – and as connected IoT devices such as cameras, TVs, printers, and teleconferencing equipment become a larger portion of the security team’s concern, attacks against them will also rise. In fact, with bad botnet traffic up by double digits every year, they already are.

Some IoT devices in an office environment may be attacked for the sensitive information that they store or communicate. They may be used for eavesdropping and leaking sensitive information. Office printers and other innocuous-seeming things are attacked and used to reverse tunnel into the network. Stories of IoT thermostats used to gain network access are well known. Smart locks and surveillance cameras that are key to the physical security of the office environment may be breached or compromised – combining cyber and physical attack.

So no… it is not that they are not important enough. 

How Existing Solutions Protect IoT, or Don’t

Is it that standard EPP solutions can simply be applied to IoT, negating the need for a niche market? Not really. 

A common tactic to “protect” IoT devices is to use a network security solution, a category with which we are all long familiar, to segregate them into their own segmented network. This is often done by using different VLANs for the IoT devices, or by deploying firewalls between the IoT devices and other IT or OT networks.

The effectiveness of network segmentation has been discussed extensively, and there is no arguing that it is the most common tactic to block IoT from becoming an entryway into other parts of the network. Nevertheless, network segmentation is not endpoint protection. It just limits damage, without blocking the attack on the device itself.

Other cybersecurity solutions that are often used to “protect” IoT devices are Intrusion Detection Systems (IDS) and network monitoring solutions. These are great solutions, and provide valuable detection of cyber threats, as well as visibility of all these IoT assets in the organization. What these cloud-based solutions do not offer, again, is protection by blocking the attack at the endpoint level. This last layer of defense is not covered by solutions that currently exist. 

But It’s Not That Simple

Maybe the absence of IoT endpoint protection is because stakeholders in the IoT supply chain aren’t on the same page? Getting closer.

Even now, the true practical reason for lacking endpoint protection on IoT devices is that it has to be done together with the device vendors. A true EPP solution that detects and prevents attacks on IoT devices requires implementing it exclusively on the device firmware, meaning either pre-installed by the device vendor, or delivered with a firmware update by the vendor. There’s no excluding them, nor would we want to. 

Attempting to implement an endpoint protection platform on IoT devices without the support of device vendors is likely to fail, or even worse, succeed, after which the vendor will justifiably void the device’s warranty and likely cease to provide support. Perhaps this would not happen if enterprises could together voice their demand for IoT security management similar to that of their IT devices, but closing the gap between vendors and enterprises isn’t that simple.

An IoT Alliance Can Advocate for Change

At Firedome we believe the status quo of security in this industry is why the IoT revolution has been less than revolutionary, so we’re pushing it forward manually. Our platform enables enterprise security teams to simply extend the coverage of their endpoint protection into their IoT devices.

Realizing that currently, the only way to do that is by bridging the gap between enterprise security teams and device vendors, we at Firedome established an EPP Ready Program providing vendors with a new source of revenue. Incentivized by the growth opportunity that our EPP solution introduces to the device vendors, they embed this capability into their devices, and we then offer it to their enterprise customers – already familiar and ready for the platform – to activate it. 

This is how we believe we will encourage a future where IoT devices, those that populate offices worldwide, are protected out-of-the-box, with enterprises immediately benefitting from the same level of EPP that they are used to with their IT devices, but for their IoT endpoints.