Endpoint Security
,
Events
,
Gartner Summit
Phosphorus Cybersecurity’s Chris Rouland on Outdated IoT Devices, Scaling Threats
The number of IoT devices worldwide has surged from 20 billion to 75 billion in less than a decade, creating a host of security risks. Most of those IoT devices still rely on outdated codebases and can go unpatched for years, creating easy entry points for attackers by bypassing traditional security controls, said Chris Rouland, CEO and board member at Phosphorus Cybersecurity.
See Also: Enterprise Browser Transforms App Delivery and Compliance
Unlike well-managed endpoints, security teams often must deal with devices that rarely get updates or maintenance, Rouland said. Despite increasing awareness, IoT is still a low priority in most organizations’ security frameworks. But the issue isn’t just volume. It’s neglect.
“There’s so much competition in internet of things and operational technologies to get new products to market, a lot of times they’re not slowing down to actually secure them,” Rouland said. “They might not be going back and getting patches when there’s security problems in those components, and that makes these devices a very big target.”
In this video interview with Information Security Media Group at Gartner Security & Risk Management Summit, Rouland also discussed:
- How adversaries exploit outdated IoT firmware using AI-powered tools;
- Why IoT defense requires a different approach than IT endpoint security;
- The lack of clear ownership and visibility for critical connected assets.
Rouland has more than 25 years of experience in information security and is a leader in cybersecurity innovation. He has founded and led several multi-million-dollar companies including Bastille, the first company to enable assessment and mitigation of risks, and Endgame. He previously worked as a CTO and distinguished engineer at IBM and as director of X-Force at Internet Security Systems.
