Enterprise Risk from Unmanaged and Diverse xIoT and OT Devices
Enterprises are increasingly exposed to cybersecurity risks due to the proliferation of unmanaged and diverse extended Internet of Things (xIoT) and operational technology (OT) devices within their networks. Research analyzing over 10 million devices across 700 organizations found that two-thirds of networked devices are not traditional IT assets, but rather include network gear, OT, IoT, and medical equipment. Common high-risk device types such as VoIP phones, IP cameras, point-of-sale systems, and uninterruptible power supplies are often widespread yet remain unmanaged, creating significant security blind spots. The diversity of device functions, vendors, and operating system versions further complicates risk management, making it challenging for security teams to identify, patch, and mitigate vulnerabilities effectively.
Manufacturers, in particular, face heightened OT security challenges due to legacy technology, lack of asset visibility, and the growing number of access points resulting from mergers and acquisitions. The complexity of managing access permissions, especially with multiple users sharing admin accounts, increases the difficulty of incident response and overall security posture. Despite increased awareness of these risks, the combination of device diversity, legacy systems, and human factors continues to present substantial obstacles to securing enterprise and manufacturing environments against cyber threats.
Related Stories
Expanding Cyber Risk Across Connected Assets and Supply Chains
Organizations are facing a rapidly evolving cyber risk landscape as the boundaries between IT, operational technology (OT), Internet of Things (IoT), and supply chain systems blur. The proliferation of connected devices, such as cameras, badge readers, HVAC systems, and factory controllers, has significantly increased the attack surface for enterprises. Business demands have driven the integration of IT, OT, and IoT, enabling telemetry to inform analytics and automation, but also concentrating dependencies on critical control planes like cloud consoles and APIs. This interconnectedness means that a single compromised identity provider, software updater, or remote management tool can serve as a single point of failure, potentially impacting thousands of endpoints and critical business processes. Security leaders emphasize the importance of maintaining a living inventory of assets, applying least privilege principles, and segmenting networks by function and criticality to mitigate these risks. Unknown or unmanaged devices should be treated as unsafe until proven otherwise, and where devices lack robust security features, organizations are advised to broker connections through secure gateways. The challenge is compounded by resource constraints and the long lifecycles of many IoT and OT devices, which often cannot be easily updated or replaced. The expansion of cyber risk also extends to the supply chain, where third-party vendors, contractors, and service providers can become entry points for attackers. Recent high-profile breaches have demonstrated that adversaries exploit trusted relationships to infiltrate organizations, with the fallout often affecting the victim company regardless of where the breach originated. This complexity is frequently invisible to the public and regulators, leading to reputational damage and loss of narrative control for affected organizations. 
Effective cyber readiness now requires extensive preparation, including scenario exercises, communication planning, and training to operate under pressure. The shift from endpoint-centric to control plane-centric risk management reflects the need to address the realities of modern, interconnected business environments. Organizations must adopt an "assume breach" mindset and focus on resilience and recovery planning, not just prevention. The evolving threat landscape demands that security strategies account for the full spectrum of connected assets and the intricate web of dependencies that define today's enterprises. As the definition of cyber risk continues to expand, so too must the approaches to visibility, segmentation, and incident response. Ultimately, the ability to manage and recover from cyber incidents hinges on preparation, visibility, and the recognition that every connected asset and relationship represents a potential risk vector.
4 months ago
Enterprise and Critical Infrastructure Threats from Unpatched and Unmanaged Devices
Recent research highlights that enterprise networks are increasingly vulnerable due to a high prevalence of legacy, end-of-life (EOL) systems, unpatched devices, and poor network segmentation. Telemetry from over 27 million devices across 1,800 enterprises reveals that 26% of Linux and 8% of Windows systems are running unsupported operating systems, with 39% of IT devices lacking active endpoint security. Additionally, a significant portion of devices operate outside IT control, and 77% of corporate networks are poorly segmented, allowing low-security devices to share network space with high-value assets, increasing the risk of lateral movement by attackers. Simultaneously, critical infrastructure sectors such as energy, healthcare, government, and transportation are experiencing a surge in cyberattacks targeting IoT and Android devices. Attackers are exploiting the interconnectedness of these industries for financial gain, with the U.S. being the primary target. The rise in attacks underscores the need for stringent tracking of user behaviors, robust access controls, accurate asset inventories, and improved network segmentation to mitigate risks posed by unmanaged and vulnerable devices in both enterprise and critical infrastructure environments.
4 months ago
OT and Smart Factory Cybersecurity Risk in Industrial Environments
Industrial and manufacturing organizations continue to face significant **operational technology (OT)** security risk as connected control systems, IoT devices, and legacy infrastructure expand the attack surface. A Siemens Energy report cited by *TechRepublic*, based on Ponemon Institute survey data, found that **77%** of respondents said an OT security compromise in the past 12 months led to loss of confidential information or operational disruption, while **52%** said a successful exploit against their industrial control systems is likely within the next year. Respondents also estimated that **41%** of OT attacks go undetected, with many organizations taking more than a month to detect incidents and an average of seven months to recover. The broader picture is that smart factories are still struggling with basic cyber resilience as modernization outpaces security controls. In an interview with *Help Net Security*, Packsize CSO Troy Rydman said unmanaged **IoT** devices, outdated legacy systems, and human-targeted attacks such as phishing and social engineering remain major weaknesses in factory environments. He also highlighted the persistent tradeoff between production uptime and security requirements, underscoring that industrial operators are still balancing business continuity with the need to reduce exposure across connected devices and older operational systems.
Today