With billions of smart devices in use today, there are now 10 times as many xTended Internet of Things (xIoT) devices in the world than all traditional endpoints combined. Most of these devices – including IoT and OT cyber-physical systems – remain unknown, unmonitored, and unmanaged without basic security hygiene. This creates a growing attack surface made up of billions of xIoT devices – critical enterprise systems targeted by nation-states and threat actors that can make up to 30% of your network. As many as 70% of enterprise xIoT devices still have default passwords in use. Outdated legacy protocols and old, vulnerable firmware open up xIoT devices to a host of attack techniques–including ransomware, malware, living of the land threats, and data exfiltration.
This session asks the question, “Why are organizations protecting IT from xIoT instead of protecting the devices themselves?” After understanding the different approaches to xIoT security and the statistics behind the current state of xIoT security, the speaker then presents IoT/OT devices with concrete examples of vulnerabilities for each and the methods by which attackers may exploit—or manipulate—their true functionality.
