Industry Insights with Sam Junkin

CISO Trainings, Endpoint Security, Internet of Things Security

Calling on CISOs and Security Leaders to Elevate IoT Security

Transforming Technical Expertise Into Strategic Leadership

The rapid proliferation of IoT devices introduces significant security risks that require CISOs and top corporate leaders to step up, reduce risks and align IoT security with mission-critical objectives.


In many ways, the role of CISOs has evolved beyond focusing on issues such as firewalls and compliance. Today, CISOs are integral to executive leadership, responsible for aligning cybersecurity strategies with business goals. According to cybersecurity research by the SANS Institute, modern CISOs are increasingly expected to lead strategic initiatives and influence corporate strategies. This shift highlights the importance of strong leadership in embedding security into every facet of an organization.

The 2024 Mobile Security Index (MSI) emphasizes that a strong security culture is crucial for addressing risks associated with mobile and IoT devices, with 89% of respondents agreeing that organizations need to take mobile device security more seriously.

CISOs are pivotal in driving the adoption of robust security practices within their organizations. In the 2024 MSI, 73% of critical infrastructure respondents said leadership only takes cybersecurity seriously after a breach, underscoring the need for security and business leaders to strengthen security before incidents occur.

Understanding IoT Security and Vulnerabilities

Nearly all organizations - 95% - use IoT devices, and 62% have mature deployments, according to the 2024 MSI. But widespread IoT adoption also comes with higher risks. The 2024 MSI revealed that 53% of organizations have faced security incidents involving IoT devices, highlighting the importance of strong IoT security management.

Despite widespread IoT use, many organizations still lack comprehensive oversight. IoT devices can become weak points in an organization's security infrastructure without proper tracking and management.

IoT Security and Risk Management

CISOs and top executives are responsible for developing comprehensive risk management frameworks that include IoT security. To that end, it's essential for organizations to have systems to track and automatically apply security patches to IoT devices. The 2024 MSI supports this claim, reporting that 69% of organizations have such systems, but this still leaves 31% at a higher risk of IoT security incidents.

Quantifying security risks is one of the best ways for CISOs, top management and boards of directors to understand and address IoT security risks. This will enable CISOs to prioritize resources and implement effective IoT security measures, such as multifactor authentication, encryption and continuous monitoring.

Driving a Strong Security Culture

Integrating cybersecurity into business processes requires greater collaboration between security and business leaders. The SANS Institute's 2024 Security Awareness Report found that mature security awareness programs significantly reduce human-related risks. For example, organizations with well-established security awareness programs see a notable decrease in the frequency of successful phishing attacks.

The 2024 MSI highlights the importance of a strong security culture in mitigating risks associated with mobile and IoT devices. Nearly nine out of 10 respondents - 89% - agree that organizations need to prioritize mobile device security. Eighty-three percent of global organizations plan to adopt a converged security solution that integrates security measures across services, networks and platforms. This approach ensures security aligns with business objectives, reducing risks and strengthening organizational resilience.

CISOs play a pivotal role in driving this integration, ensuring that security measures are effective and seamlessly embedded into their organizations' daily operations.

Embracing a Strategic IoT Security Role

As the use of IoT devices expands, CISOs must embrace their strategic role in managing cybersecurity risks associated with these devices. Verizon's comprehensive IoT security capabilities are designed to support CISOs with everything from tracking and securing IoT devices to implementing zero trust principles. Verizon provides the tools and strategies CISOs need to help protect their organizations from emerging threats.

As IoT devices flourish, associated security risks require strategic leadership and oversight. By fostering a security-first culture, embracing comprehensive risk management and aligning cybersecurity with business goals, CISOs can better address evolving IoT security challenges.

To learn more, review Verizon’s latest IoT security insights here for in-depth information and additional resources.



About the Author

Sam Junkin


Director of Cybersecurity Consulting, Verizon

Sam Junkin is a Director in the Verizon Security Consulting group. He is a seasoned Security Leader with over 20 years of professional security experience, highlighted by a progressive record of achievements in a broad array of security segments, including Governance, Risk, and Compliance and Payment Security Programs. He is experienced in driving change, in both culture and technology, across global industries, business units and teams.



