The Riskiest Connected Devices in 2023

Since 2020, Forescout Research – Vedere Labs has been tracking the riskiest devices on organizations’ networks. In 2020, we released the first Enterprise of Things Security Report and followed in 2022 with the Riskiest Connected Devices in Enterprise Networks report.

Our reports are entirely based on data coming directly from connected devices. Throughout the years, we have noticed that although many device types are consistently in these lists – such as IP cameras, VoIP equipment and programmable logic controllers (PLCs) – due either to their inherent criticality or to the persistent lack of attention from security teams, there are other devices whose current risk level reflect developments in the threat landscape.

For instance, in 2022 we reported on hypervisors becoming a major target for ransomware – which is a trend that only grew and continued into 2023. However, the dataset in our 2022 report (January through April) did not include several important later developments, such as the increasing targeting of unmanaged devices by hacktivists, growing numbers of employees returning to their offices after the COVID-19 pandemic and intensified attacks against Western critical infrastructure following the Russian invasion of Ukraine.

Therefore, in this report, we update our findings about the riskiest devices in enterprise networks in 2023. We again take a data-driven approach by analyzing millions of devices in Forescout’s Device Cloud using Forescout’s multifactor risk scoring methodology. Section 2 presents the results by device category (IT, IoT, OT and IoMT). Section 3 discusses some risk factors in more detail and shows their distribution by industry. Section 4 presents the main takeaways and mitigation recommendations.