IT's a vulnerable world out there...

It was a pleasure to catch up t’other day with Rik “rock star” Ferguson, the former Trend Micro legend who is these days hanging out with Forescout as the company’s VP of Security Intelligence, working alongside Forescout’s Vedere Labs research and threat analyst team.

As he said himself, Forescout is essentially cyber security’s best kept secret, having been in business almost as long as James Bond (well, not quite) but not widely known outside of the IT security community (or even within). Forescout’s primary mission in life is to make every IT element within a company visible and then secure it. As I’ve said many times over the decades: “how can you secure something if you can’t see it or don’t know it’s there?” Unfortunately, you’d be amazed how many companies attempt to do precisely that…

One key area of ignorance, highlighted by a report recently released by Forescout, is which connected devices are generating the most risk to companies. Before we briefly highlight a couple of results from the analysis, let’s just step back a decade or four – or five – to the days when the IT security threat consisted of a mainframe and dumb terminals (complete, of course, with dumb users, whose password was often hand-written on a Post-it note attached to the – green on black – monitor). In truth, for the most part, there wasn’t a lot of data to steal anyway. The 1985 IBM 3090 (Model 200) that I “inherited” in my first IT role (and what quickly drove me to PCs and networking) came with a mighty 64MB of central storage by default (for your $5m!).

Even with the advent of PC networks, these were typically individual “islands” of resource that were easily secured. Remote comms were typically based around private leased lines and/or dial-up modem across the PSTN, so again relatively easy to secure. Fast forward to 2024 and if we just take a sample from the aforementioned report (available here: https://www.forescout.com/resources/2024-riskiest-connected-devices/), we see that it’s not simply IT we have to worry about, but also IoT, OT and IoMT (medical). And, in each sector there are myriad device types. It all adds up to a never-ending list of vulnerabilities. Patch management? Yeah, right. Remember the old adage about trying to repair an old, leaky dinghy with Elastoplast?

Unsurprisingly, given their ubiquitous nature, IT devices came out on top in terms of still being a SecOps guy’s worst nightmare, with endpoints and network infrastructure vulnerabilities scoring 58% of the total across the board in the survey. If you think that is scary, at least it’s down from the (very scary) 78% the previous year. Wireless APs are (unsurprisingly) guilty as charged. But (misconfigured) routers are not far behind. Broadening the view, it might surprise some that printers, VoIP devices and IP cameras are all high on the vulnerability list. Then again, it shouldn’t, given that many are unmanaged devices in the first place.

Even so, they have an IP address – they are visible and therefore they can be secured. All of which brings us back to the starting point and one of the raisons d’être of Forescout – make every element of the connected world visible and then secure it. Maybe what Forescout the company needs is to be more visible itself 😊.