Q: As per your recent research on IoT security, a whopping 92% decision-makers in the Middle East believe their IoT approach needs improvement. Is this a sign of worry? How can the organizations be more equipped and swiftly engage to improve and manage this?
While 92% of decision-makers in the Middle East said their IoT approach needs improvement, it’s important to drill a little deeper into the figures: Indeed, 46% of those decision-makers we’re referring to believe that only ‘a little improvement’ is required, 37% claim “a lot of improvement” is required, and 9% said a “complete overhaul” is needed – these numbers were fairly consistent with the findings globally.
This is partly due to the many diverse IoT devices which are connected to organizations’ networks, and in many cases, without their knowledge. This is not necessarily surprising given the rapidly growing variety of IoT devices accessing networks: IoT devices now include smart teddy bears, coffee machines, light bulbs, connected trash cans, and hand sanitizer stations, as evidenced by the recent research commissioned by Palo Alto Networks and undertaken by Vanson Bourne.
IoT devices are regularly connecting to corporate networks, and technology leaders must take significant actions to ensure their networks are secure against the potential threats that these devices pose. Apart from having full visibility of their network, organisations must modify their behaviour by micro-segmenting IoT devices on their networks.
The good news is that most organizations in the region already have reasonably good visibility of their networks, particularly when compared to organizations in other parts of the world. I refer again to the research we commissioned, which indicates that: 72% of IT decision-makers in the Middle East are completely confident that they have full visibility of all IoT devices connected to their organization’s network, while a further 26% of were “somewhat” confident about visibility. This compared favorably with the EMEA average, where 58% of IT decision-makers expressed complete confidence that they have visibility of all IoT devices connected to their organization’s network. So based on this, I’d argue that organizations in the region are in a good position to start improving their IoT policies by micro-segmenting devices on their network and working with cybersecurity experts to further mitigate the potential security threat presented by these devices.
Q: How does Palo Alto Network’s Zingbox technology work? How can SME’s /SMB’s adopt or incorporate this in their setup?
Zingbox is an IoT cybersecurity company that Palo Alto Networks acquired completely in 2019 to accelerate IoT security through next-generation firewall and cortex™ platforms.
With the introduction of the cloud-based service Zingbox, we were able to give customers the ability to gain full control, visibility, security, and risk assessment of their connected devices at scale – using AI and machine learning technologies.
At Palo Alto Networks, we enable security teams – whether at large corporates or SMEs – to rapidly identify and protect all unmanaged IoT and OT devices with a machine-learning-based, signature-less approach. We enhanced Zingbox technology to create the industry’s first turnkey IoT Security delivering visibility, prevention, risk assessment, and enforcement in combination with our ML-Powered Next-Generation Firewall. This solution is just as relevant for smaller companies as their larger counterparts, and there is no need to deploy any new network infrastructure or to change existing operational processes.
I’d like to add a few more figures to underline the seriousness of IoT security and the need for organisations to adopt solutions such as Zingbox. Recent research from Unit 42 indicates that 98% of all IoT traffic is unencrypted, exposing personal and confidential data on the network, while 57% of IoT devices are vulnerable to medium- or high-severity attacks, making IoT the low-hanging fruit for attackers. In this scenario, it is essential for all companies to beef up their IoT security.
Q: Small businesses who often outsource their IT maintenance to external providers, how does this impact them? If this is additional investment, what kind of solutions are available for small sized businesses?
There are many different approaches that SMEs take to IT. Some smaller companies that outsource key parts of their IT maintenance may believe that their systems are secure, but they should ask the right questions of their IT partners and ensure that their cybersecurity is up to the mark. It’s really a question of awareness – and ensuring that cybersecurity is a top priority rather than an afterthought.
It is just as essential for a small company to take cybersecurity seriously as for a large multinational. Smaller firms may initially see robust cybersecurity as an additional cost, but they should really view it as an investment and even a selling point: there’s no doubt that customers and partners will have greater confidence in a small firm that treats cybersecurity with the seriousness it deserves.
Palo Alto Networks fully supports the SMB segment and smaller firms adopt the vast majority of our solutions, helping them to stay secure, fulfill their goals, and grow.
Q: Apart from IoT Security, how can enterprises benefit from Palo Alto Network’s security solutions and what other enterprise solutions can you offer?
At Palo Alto Networks, we aim to create unique security solutions for your network and business while allowing you to embrace and address your business needs – whether your focus is the data center, remote offices, highly regulated industry-specific processes, or risk management.
We use of our next-generation firewall to enable you to gain full visibility and control over your network. Whether you want to secure the enterprise, cloud or the future, we have the perfect solution for your business.
