June 10, 2024 at 05:33PM
The cyberattack threat landscape for organizations encompasses various IT, IoT, and operational technology devices, offering opportunities for bad actors. Forescout Research highlights key findings, including IT devices accounting for most vulnerabilities, a surge in IoT vulnerabilities, and the top three riskiest verticals being technology, education, and manufacturing. A holistic approach to risk assessment is recommended.
Based on the meeting notes, the key takeaways are:
1. The cyberattack threat landscape encompasses IT, Internet of Things (IoT), and operational technology (OT) devices, providing various entry points for cyber threat actors.
2. Forescout Research–Vedere Labs examined nearly 19 million devices to determine the categories representing the greatest risk to organizations based on misconfiguration, vulnerabilities, exposure to the Internet, and potential impact in case of compromise.
3. The most vulnerable device types are wireless access points (WAPs), routers, printers, voice-over-IP (VoIP) devices, and IP cameras, with VoIP devices, networking infrastructure, and printers being the most-exposed unmanaged gear.
4. The top three riskiest verticals are technology, education, and manufacturing, with healthcare showing a decline in risky devices in 2024, but having new problematic devices in the Internet of Medical Things (IoMT).
5. Forescout emphasizes the importance of taking a holistic view when risk-assessing an environment, as attackers can leverage devices of different categories to carry out attacks.
6. IT endpoints, network infrastructure devices, and IoT devices like network video recorders (NVRs) are identified as high-risk categories due to increasing vulnerabilities and exploitation.
7. Operational technology devices such as uninterruptible power sources (UPS), distributed control systems (DCS), PLCs, robotics, and building management systems are indicated as highly risky, with vulnerabilities such as default credentials and insecure-by-design systems.
8. The Internet of Medical Things (IoMT) poses significant risks to patient safety and personal health information, with medical information systems, electrocardiograph machines, DICOM workstations, picture archiving and communication systems (PACS), and medication-dispensing systems being identified as the riskiest devices.
These takeaways provide a comprehensive understanding of the current threat landscape and highlight the need for organizations to prioritize risk and exposure management across all device categories to effectively mitigate cybersecurity risks.