Why preventing IoT attacks isn't just the responsibility of security experts

Cisco's Anthony Grieco explains how enterprises need to take a deeper look at how they handle Internet of Things cybersecurity.

Video: IoT cyber-defence best practices By weaving cybersecurity into the fabric of business strategy and making it a priority, companies will be able to embrace digital transformation and innovation, says Cisco's Anthony Grieco.

Internet of Things (IoT) flaws can leave your company vulnerable to a multitude of attacks.

TechRepublic's Dan Patterson met with Anthony Grieco, senior director and trust strategy officer at Cisco, to discuss how enterprises can best defend themselves against threats targeting IoT devices.

Businesses need to understand that they have IoT devices deployed in their enterprise, whether it's a connected TV or a connected HVAC system. "Every business that we're dealing with today is touching on, or using IoT in some way, shape, or form, fundamentally," Grieco said.

SEE: Research: Defenses, response plans, and greatest concerns about cybersecurity in an IoT and mobile world (Tech Pro Research)

When we look at the overall approach to IoT security, it's easy to look at the risk side, and harder to look at proactively dealing with cybersecurity in that space, he said. One aspect enterprises should consider with cybersecurity is: segmentation. Companies need to think about how to bring virtual barriers between connected devices and other assets within the enterprise, he said.

Segmentation allows a "point of visibility" so companies can see what happens in that "thing space" where they've connected devices to their network. That gives them the opportunity to operationalize security in that space. Enterprises should look for anomalies, and create capabilities to respond to instances that might happen, he added.

The number one goal for a company should be to make employees aware of the role they play in cybersecurity. In the past, the issue of cybersecurity has been "an expert-only conversation." However, to build an understanding, cybersecurity experts must "shift their mindset to be teachers, and not just owners of the expertise," said Greico.


See Also:

istock-610749178.jpg
Image: iStockphoto/Jirsak