Story image

5G could lead to shadow IoT if security is ignored

24 Jul 18

While 5G promises to shake up the world of mobile apps, communications, and IoT, 5G’s potential for scalability may end up taking a darker turn.

Experts from ForeScout say that businesses may end up using 5G-deployed applications without getting IT teams involved, which may lead to shadow IoT that could create even more problems.

Those problems include security and performance challenges for businesses, particularly as industry standards governing IoT security today are basic.

 “The advent of the cloud a decade ago made it possible for employees to implement cloud-based solutions with nothing more than a credit card and an internet connection. This led to the rise of unapproved, unsecured applications being used in enterprises, which is what became known as shadow IT,” comments ForeScout director for Asia Pacific and Japan, Steve Hunter.

“Just like cloud, 5G will make it easy for businesses to deploy applications more quickly without the perceived friction that the internal IT organisation can introduce.” 

He believes that for enterprise IoT, 5G will help to examine use cases that are deployed today on 4G or 3G networks. But like all applications, they become extensions of the enterprise network and they need to be secured.

ForeScout says it’s essential to prioritise security tools that offer visibility, particularly as organisations prepare for the ‘onslaught’ of IoT applications when 5G becomes widely available.

“The only way to secure the network is to know exactly what’s connected and how it’s being used,” says Hunter.

“When business units can do this without IT assistance, gaining full visibility becomes complex. We’ve seen this story before with both the BYOD challenge post-iPhone and then the rapid adoption of the cloud. The upcoming rollout of 5G will motivate organisations to explore of the business value of IoT, so it’s essential to shine a light into every dark corner of the network now to prevent visibility gaps in the future.” 

Although the 5G standard isn’t expected to be solidified until 2020, service providers are currently testing pre-standard 5G networks.

ForeScout says many use cases will operate effectively on existing networks, so some businesses are exploring IoT deployments today. Taking a proactive position on IoT deployments can help IT reduce the instances of shadow IoT by avoiding the perception of IT-introduced friction. 

“It’s important to learn the lessons from IT history. The technology and security functions had to integrate cloud into corporate IT to rein in shadow IT. Similarly, IT should gain control of today’s shadow IoT and by doing so make ready for the future of IoT that’s coming with 5G,” Hunter concludes.

Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
Dell EMC advances hybrid cloud for VMware environments
Through collaboration and joint engineering, Dell EMC and VMware are enabling organisations to derive more value from IT investments.
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”
Gartner names Bitglass a leader in cloud security
Bitglass was evaluated based on its ability to execute and its completeness of vision.
Universities seeing rise in DDoS attacks
Overall, between July and September, DDoS botnets attacked targets in 82 countries.
Security cameras – a latent botnet network?
In a comparison of 16 indoor and outdoor IP surveillance cameras, researchers found only one well-protected device.
2018’s worst malware revealed in report
Webroot has highlighted the top cyberattacks of 2018 in its latest Nastiest Malware list, which showcases the malware and attack payloads that have been most detrimental to organisations.
How phishing is evolving to outpace awareness
While email providers have made strides in flagging suspicious emails and source domains, reducing the effectiveness of attacks, attackers’ techniques have also evolved.