Don’t Let Passwords Stink Up Your IoT Cyber Risk Management

There’s no denying it; Internet of Things cybersecurity is a growing area of concern. As the world becomes more connected through the implementation of IoT devices, the cyber risk associated with this increase in attack surfaces is also growing. In fact, new guidance from the National Institute of Standards and Technology (NIST) outlines how manufacturers can identify the non-technical capabilities required to support IoT security solutions in an effort to mitigate this risk. As more organizations pursue digital transformation and implement IoT infrastructure, it is crucial to identifying and managing the associated IoT threats.

Ensuring you are configuring and deploying connected devices in a secure fashion includes solid password hygiene. Compromised credentials can impact far beyond the loss of access to an account, as they can provide an entrance into a network of connected devices. For example, having default passwords for one account might enable access to all of the cameras on company computers. If one connected device is compromised, the threat can spread throughout an organization’s digital ecosystem and put the entire company at risk.

Recycle paper, not passwords

Unfortunately, the number one reason for a breach is human error, and an alarming number is due to poor password hygiene. We use many different programs at work, and it can be tempting to reuse the same password for some or all accounts. This (unsafe) practice is known as “password recycling,” and it can open up various risks. If one account is hacked, attackers essentially have a master key into any other account that uses the same password. Using unique passwords and 2FA for each account is the best way to avoid this chain reaction.

Beyond password hygiene, effective cyber risk management requires understanding the risks of your systems, employee behavior, and processes for handling risk. Thorough assessments and testing provide a holistic way to identify gaps in your organization and prioritize what can be done to improve. While there is no way to ever be 100% secure, putting a risk management system in place helps to understand which assets need to be secured and the steps to be taken to increase security over time – particularly if this plan includes IoT security concerns. Without a cyber risk management plan that includes regular assessment and testing of all internet-connected devices, you may be putting your organization’s network – and your extended supply chain network – at risk.

Deploy multiple layers of defense

The Defendify all-in-one cybersecurity platform features multiple layers of defense, simplified program management, risk scoring, alerts, notifications, reports, recommendations, and a full suite of easy-to-use cybersecurity tools – including a stolen password scanner to find compromised passwords and prevent account takeovers.

Try the Free Stolen Password Scan to see if your email or passwords are found on the Dark Web, and reach out to learn more about how Defendify can help you protect your organization.

More IoT Resources:

Blog: Before Implementing IoT, Assess and Test Cybersecurity
Blog: Conquering IoT Cybersecurity Challenges Through Visibility and Awareness

Resources & insights

Before Implementing IoT, Assess and Test Cybersecurity
Blog
Before Implementing IoT, Assess and Test Cybersecurity
Implementing more IoT devices within a network increases complexity by adding new endpoints that need to be secured. Without a thorough strategy for managing these devices, organizations may lack visibility that opens them up to increased risk.
Defendify logo container
Blog
Conquering IoT Cybersecurity Challenges Through Visibility and Awareness
Starting with an inventory of your organization’s assets, including who accesses them and how is the first step to ensuring your network is optimized to defend against the latest cyber threats.
Why You Could Be Denied Cyberattack Insurance Coverage
Blog
Why You Could Be Denied Cyberattack Insurance Coverage
As you’re working toward achieving robust cybersecurity, the subject of cyber attack insurance coverage and cybersecurity insurance requirements is sure to enter the discussion.

Protect and defend with multiple layers of cybersecurity

Defend your business with All-In-One Cybersecurity®.

Explore layered
security

Learn more about Defendify’s three key layers and All-In-One Cybersecurity®.

How can we help?

Schedule time to talk to a cybersecurity expert to discuss your needs.

See how it works

See how Defendify’s platform, modules, and expertise work to improve security posture.

Take the first step toward comprehensive cybersecurity with a free Defendify Essentials package

Gain access to 3 award-winning cybersecurity modules. Nothing to install. Nothing to pay for.