The Riskiest Connected Devices in Enterprise Networks

The growing number and diversity of connected devices in every industry presents new challenges for organizations to understand and manage the risks to which they are exposed. Most organizations  now host a combination of interconnected  IT, OT and loT devices in their networks that has increased their attack surface.

According to a recent report by the Ponemon Institute, 65% of responding organizations say that loT/OT devices are one of the least secured parts of their networks, while 50% say that attacks against these devices have increased. IT and IT security practitioners in 88% of those organizations have loT devices connected to the internet, 56% have OT devices connected to the internet and 51% have the OT network connected to the IT network.

Threat actors are well aware of these trends. We recently reported on how ransomware groups have started massively targeting devices such as NAS, VoIP and hypervisors. Not surprisingly, most of these devices were among the riskiest we identified in the 2020 Enterprise of Things Security Report.

In this report, we update our findings about the riskiest devices in enterprise networks in 2022. We take a data­ driven approach by analyzing millions of devices in Forescout’s Device Cloud using the Forescout Continuum Platform’s new multifactor risk scoring methodology, described in Section 2. Section 3 presents the results per device category (IT, loT, OT and loMT). Sections 4 and 5 discuss the risk distribution per industry and geography, respectively. Section 6 presents the main takeaways and mitigation recommendations.