The survey, conducted by cybersecurity specialists Outpost24 and conducted at the RSA Conference in San Francisco, revealed that 53 percent of respondents confessed to having no visibility into the number of devices connected to their company network.
With Gartner predicting global investment into 5G and wireless infrastructure to reach over $4 billion this year, the arrival of 5G and the further expansion of BYOD and IoT devices are expected to increase data consumption and connectivity. In the event of that increased demand there's going to need to be heightened security awareness and continuous security monitoring into the threats posed by wireless technology.
Despite that, the survey found that 69 percent of security professionals admitted to not testing for malicious infections or known vulnerabilities within wireless devices on a weekly basis. This lack of visibility into the wireless airspace indicates that there is either a lack of clarity into wireless security threats or a severe oversight by organisations when it comes to their overall wireless security strategies, according to the report.
“Visibility remains one of the biggest issues in cybersecurity. What you can’t see can indeed hurt you. With higher levels of network traffic and more connected devices than ever, it highlights that current vulnerability assessments are not as extensive as they should be. Wireless threat detection is often ignored or addressed in a reactive manner” says Bob Egner Head of Products at Outpost24.
The survey also asked respondents if their organisation has or requires any security authentication to initiate Bluetooth pairing or wireless connection to the network. It reveals that over half (51%) of enterprises lack pre-existing security controls to examine devices before they join the network. Additionally, almost a quarter (23%) of organisations do not have or are unsure as to whether they have a guest Wi-Fi network for non-employees.
Given the number of vulnerabilities within modern wireless and Bluetooth devices, if organisations continue to take a ‘head in the sand’ approach towards securing wireless networks, they are giving hackers the leverage they require to exploit the wider network infrastructure.
According to Egner, “hackers may only need minutes or days to infiltrate your corporate network. As organisations strive to reduce business disruption, it’s important to implement and integrate the necessary assessment tools to automate discovery and monitoring of wireless threats as part of the vulnerability management process. Many organizations we work with have delegated this problem to network engineers instead of treating it as the security problem which it is.”
