Nearly half of network connections come from high-risk IoT and IT devices - so make sure you're protected
Most enterprises are running "flat" networks, report warns
- Nearly half of IoT-to-IT connections come from vulnerable or misconfigured high-risk devices
- Flat networks allow threats to spread easily between IoT and IT systems
- Protection requires segmentation, Zero Trust, visibility, and endpoint monitoring
Almost half of all network connections (48.2%) from Internet of Things (IoT) devices to internal IT devices originate from high-risk IoT gear, and another 4% come from critical-risk components, experts have warned.
A new paper published by Palo Alto Networks based on telemetry from 27 million devices noted almost half of all such connections involve devices that are either vulnerable to exploitable flaws or misconfigured and thus dangerous.
Aside from unpatched vulnerabilities, these high-risk systems have weak configurations or insecure protocols, which can create a broad, persistent attack surface and open direct paths for threats to spread from compromised IoT endpoints into core business systems.
How to stay safe
A single exploited IoT device could allow lateral movement within a network, leading to data theft, business disruption, or major financial loss.
The number one risk factor here is the lack of network segmentation, it was said. Most enterprises operate a “flat” network, in which IT and IoT devices coexist without isolation.
That means that once a threat actor enters the network, they can easily move from one device to another, expanding their reach and wreaking more havoc.
There are a number of things both small and medium-sized businesses (SMB) and enterprises can do to protect against these risks.
First, they should enforce strict network segmentation between IoT and IT systems, in order to isolate high-risk or unmanaged devices from critical infrastructure.
Then, they should implement a Zero Trust architecture, applying least-privilege access, continuous device verification, and contextual access controls.
Also, they should make sure they have complete device visibility, including unmanaged and BYOD assets, and apply regular vulnerability and firmware patching.
Finally, businesses should deploy comprehensive endpoint protection (EDR/XDR) across all managed IT assets and develop alternative monitoring for IoT endpoints that can’t run agents.
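The segmentation and visibility steps above can be checked against flow logs, which also covers IoT endpoints that can't run agents. The following is an added example, not part of the original article or the Palo Alto Networks report: it computes the share of IoT-to-IT connections per source risk tier, lists flows that an assumed allow-list does not permit, and flags subnets shared by IoT and IT devices. The inventory, risk tiers, flows and policy are all constructed for illustration.

```python
from collections import Counter
from ipaddress import ip_network

# Constructed inventory (IP -> device class, risk tier); the tiers are assumed labels.
INVENTORY = {
    "10.0.0.21": ("iot", "high"),      # camera on outdated firmware
    "10.0.0.22": ("iot", "low"),       # badge reader
    "10.0.0.23": ("iot", "critical"),  # printer with default credentials
    "10.0.0.50": ("it", "low"),        # file server
    "10.0.0.51": ("it", "low"),        # workstation
    "10.0.1.60": ("it", "low"),        # video recorder on its own subnet
}
# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.0.0.21", "10.0.1.60", 554),   # camera -> recorder, expected
    ("10.0.0.21", "10.0.0.50", 445),   # camera -> file server over SMB
    ("10.0.0.22", "10.0.0.51", 443),
    ("10.0.0.23", "10.0.0.50", 445),
    ("10.0.0.51", "10.0.0.50", 445),   # IT -> IT, outside the metric
    ("10.0.0.22", "10.0.0.50", 443),
]
# Assumed segmentation policy: the only IoT-to-IT flows that should exist.
ALLOWED = {("10.0.0.21", "10.0.1.60", 554)}

def iot_to_it(flows, inventory):
    """Keep only flows whose source is IoT and whose destination is IT."""
    return [f for f in flows
            if inventory.get(f[0], ("?",))[0] == "iot"
            and inventory.get(f[1], ("?",))[0] == "it"]

def risk_share(flows, inventory):
    """Percentage of IoT-to-IT flows per risk tier of the source device."""
    crossing = iot_to_it(flows, inventory)
    tiers = Counter(inventory[src][1] for src, _, _ in crossing)
    return {t: round(100 * n / len(crossing), 1) for t, n in tiers.items()}

def policy_violations(flows, inventory, allowed):
    """IoT-to-IT flows that the segmentation policy does not permit."""
    return [f for f in iot_to_it(flows, inventory) if f not in allowed]

def flat_subnets(inventory, prefix=24):
    """Subnets that hold both IoT and IT devices, i.e. no isolation."""
    seen = {}
    for ip, (cls, _) in inventory.items():
        net = ip_network(f"{ip}/{prefix}", strict=False)
        seen.setdefault(net, set()).add(cls)
    return sorted(str(n) for n, classes in seen.items() if {"iot", "it"} <= classes)
```

On the constructed data, the high and critical tiers together account for 60% of IoT-to-IT flows, and `10.0.0.0/24` is reported as a flat subnet.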

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.