From Homeland Security Today (HSToday)
Every IoT sensor has a unique IP address, enabling it to communicate and exchange data with other machines and serving as a potential access point.
Fighting back and keeping IoT devices secure
The proliferation of IoT devices could open the floodgates for cyberattacks threatening the security of smart buildings. A recent report indicated that in 2019 nearly 40 percent of 40,000 smart buildings were impacted by a cyberattack. That in mind, it’s critical that organizations get ahead of the onslaught of threats by implementing security best practices including:
Strong password policies: It can’t be stated enough that one of the easiest ways that attackers compromise an IoT device is due to its weak, guessable or default passwords. In fact, 70% of IoT devices are still using the factory-set default passwords. Having strong password policies that entail long and unique passwords help prevent cyberattacks.
Robust patch management: The biggest security hurdle with IoT devices is the inability to easily upgrade or patch them. Most IoT devices are often too critical to stop operations for software updates. Developing policies to define processes for different types of upgrades from bug fixes to new releases to emergency updates will help to make your IoT update process more robust.
Segment your network: Organizations can minimize the impact of an IoT attack from spreading to other parts of the network by separating out critical systems, such as BAS systems, from the rest of the network.