Enterprise IoT Security Is a Supply Chain Problem
Organizations that wish to take advantage of the potential benefits of IoT systems in enterprise environments should start evaluating third-party risk during the acquisition process.
Let s face it: Most enterprises aren t building their own Internet of Things (IoT) systems. Very few organizations have the scale to develop and deploy IoT devices of their own in their environments the hardware tends to be specialized, most of the software doesn t look like the stuff their corporate horde of Java developers use to write code, and there just isn t enough value for risky projects like that to make sense. So, enterprises tend to buy consumer IoT devices and shoehorn them into their corporate security architectures and it can be challenging to get them to properly fit. This doesn t mean that enterprises are helpless in the face of IoT security risks, but it does make enterprise IoT security a supply chain problem.