Optiv Security, a security solutions integrator delivering end-to-end cybersecurity solutions, unveiled its Enterprise Internet of Things (IoT) Lab in response to a growing and ever-present pain point for client security leaders – the proliferation of IoT devices on organisational networks. Chief information security officers (CISOs) are dealing with sizeable blind spots and have expressed the clear need for support in discovering those devices and bringing them into their existing vulnerability management programs with an expanded objective of total network protection that goes beyond simple device discovery and assessment. Optiv’s Enterprise IoT Lab will:
Show organisations how to discover IoT devices present in their environment, assess devices for vulnerabilities, and mitigate outstanding security issues.
Provide a baseline platform for development of automated vulnerability management and incident response solutions for IoT.
Also Read: Company Closeup: IBM – Networking The World
Position IoT/OT/ICS security solutions where their integrations into other technologies can be developed and tested end-to-end.
“Current technologies focused on traditional network assets can fall short when trying to assess IoT targets, and solutions focused on the OT/ICS space don’t always integrate with the enterprise vulnerability management solutions,” said Sean Tufts, practice director, IoT Security, Optiv. “We’re now able to prove out these solutions in an environment that provides access to a wide spectrum of partner technologies.”
Optiv has partnered with Palo Alto Networks, Tenable, and Armis to highlight how these solutions react in a real-world environment of live devices. In addition, Gigamon has been leveraged to enable each solution’s monitoring requirements.
The Lab will drive solutions from real-world sources and/or data supplied from a client environment. More than 50 common corporate IoT targets are in the environment and will be tested and demonstrated on to highlight vulnerability management best practices in live-time as they relate to source (insiders, third parties, bad actors) and threat (unsecured remote access, weak passwords, legacy technologies, pre-installed spyware, hackable devices).