Welcome to this week's Black Arrow Cyber Tip Tuesday. This week James is talking about dangers from Internet of Things (IoT) and Shadow IT devices that may have crept onto your corporate networks. Do you know all the devices on your network? Do they introduce security risks to your business?

In an increasingly connected world, the security umbrella with which you protect your organisation’s information assets is constantly expanding. At the fringes and often overlooked by businesses, are the Internet of Things (or IoT) and Shadow IT.

The Internet of Things consists of an ever-increasing number of physical devices with network connectivity features. Often people associate IoT with smart consumer devices. However, there are many IoT devices which also exist in a corporate environment and they’re are often overlooked when a company evaluates its information assets. As such they remain invisible to your Vulnerability Management strategy and can seriously compromise your security posture.

Conversely, Shadow IT refers to software and applications that aren’t sanctioned by your company but have instead been installed by users (often to fulfill a single task and then they’re forgotten). This isn’t always a bad thing, except when these applications have access to company information but lack the controls and governance surrounding sanctioned applications. In which case they pose a significant risk to the security of your data and your business.

Contact us to discuss how you can decrease risk by increasing visibility.

In today's 'Tip Tuesday' we're talking about firms being in a defensible vs an indefensible positions in the event they suffered a significant breach. A firm that has taken cyber security seriously and has done all it could and yet still ended up the victim of a breach, possibly at the hands of sophisticated and well resourced nation state level attacker, is in a far more defensible position than a firm that has not done all it could, or all that could reasonably be expected of a diligent firm. A firm that has been breached by an unsophisticated attacker or otherwise left itself open to attack will have a much harder time defending their actions to affected customers, shareholders, authorities and regulators. Talk to us today to see how we can help you ensure you will be in a more defensible position