Technological advancements have given rise to a deluge of new types
of connected devices — i.e., internet of things (IoT) — which, in turn,
introduce new security threats that enterprises are ill-equipped to combat
and even recognize. Many enterprises are not adequately prepared to
deliver on these security needs, applying dated strategies and policies to
a new breed of threats. Furthermore, individual lines of business (LOBs) —
who often work with operational technology (OT) — and traditional security
teams, such as a security operations center (SOC), often don’t see eye to
eye on how IoT connected devices should be managed.
Forrester defines the internet of things as the technologies that enable
objects and infrastructure to interact with monitoring, analytics, and control
systems over internet-style networks. This includes both the specific
devices — i.e. things — as well as the processes and functions — i.e.
operational technology (OT) — that this technology enables. For this study,
we have grouped connected “things” (i.e. devices) and OT together under
the broad category of IoT.