Enterprise IoT Security: how to protect your complex web of connected devices
Enterprise IoT devices have made tremendous progress in recent years, finding powerful use cases across industries — manufacturing plants are getting “smart” with real-time alerts when machinery is close to failure, utilities are deploying smart sensors to automatically adjust power generation to match demand, and building operators are deploying next-gen HVAC and lighting systems to help reduce costs, just to name a few examples.
Looking forward, new IoT devices with cheaper sensors, more compute power, and higher quality 5G mobile connectivity will create even more compelling use cases for IoT across nearly every industry (healthcare facilities, oil & gas machinery, automotive, retail etc.)
The number of IoT-connected devices are expected to triple to 40+ billion by 2023.
The enterprise “visibility gap”
While the promise of IoT is reasonably well understood, enterprise adoption is far behind its full potential. Today’s enterprise is made up of a far more diverse and complicated web of non-traditional devices like unsecured printers, IP cameras, smart HVAC systems, badge readers, and the like, many of which are installed unbeknownst to IT and most of which cannot be secured with traditional security software.
Based on our conversations with industry leaders, the single biggest issue holding back larger scale IoT deployments is cybersecurity risk. As a result, one of the most common security problems that CIOs and CISOs struggle with is the “visibility gap” — the inability to see, let alone secure, all of the IoT devices connected to corporate networks. This visibility gap stems from several industry trends:
The number of enterprise connected devices is expected to surpass 8 billion this year, up from just 4 billion in 2017
Increased cloud adoption and a more mobile workforce has decentralized the management of endpoints throughout the enterprise
More intelligent OT networks (including highly vulnerable and fragile devices like factory sensors, wind turbines etc.) can no longer be physically separated from IT networks, leaving mission critical corporate data exposed
We believe the sooner CISOs are empowered to adapt to this new paradigm and address this growing visibility gap, the sooner enterprises can fully harness the value creation potential from IoT.
The agentless approach to device security
Armis addresses the cybersecurity pain points emerging from the growth in IoT. Armis’ unique solution allows enterprises to (1) discover and identify all connected devices, (2) analyze devices for threats, and (3) automatically protect the network by removing suspicious devices.
What differentiates Armis from other solutions is its modern approach to device security. Through our market research, we discovered that the solution to the “visibility gap” needs to be agentless, scalable, and frictionless. Based on extensive conversations with current and prospective customers, Armis is the only solution today that satisfies each of these 3 criteria.
Agentless — no installation of specialized software on the device itself is required for tracking and control, which is important because most IoT devices aren’t compatible with agents
Scalable with network effects — a cloud-based, crowdsourced device behavior knowledgebase of 200 million (and growing) devices brings insights of new threat vectors to all of Armis’ customers
Easy to install — no heavy lift is required to deploy Armis into existing environments, and generating insights and providing protection is done in a matter of hours
Armis is a horizontal platform with customers deploying the solution across a wide variety of use cases across industries including technology, healthcare, government, retail, and industrials
Armis was able to help customers discover and identify 60%-70% more devices than they thought they had and 2x-3x more devices than the next best competitor.
CapitalG’s $100 million investment in Armis
We at CapitalG are thrilled to be partners with the Armis team and Insight. Armis’s visionary founders, Yevgeny Dibrov and Nadir Izrael, and their best-in-class team are creating a category-defining company that will make enterprises around the world safer and better able to harness the full potential of IoT.
We look forward to bringing our resources and supporting the Armis team as they continue to create unparalleled products that defend the enterprise from the next generation of cyber attacks. You can read more about what Armis is building here.
Special thanks to James Luo, VP at CapitalG and Mo Jomaa, VP at CapitalG for their collaboration on this article.