Niels Jensen, senior vice president of Americas sales at ForeScout Technologies (Nasdaq: FSCT), has said federal agencies should have visibility of their internet-of-things-based devices in order to protect their network infrastructure from cyber threats.
He wrote that information technology administrators at agencies should deploy tools designed to detect and implement policy-based controls on IoT devices.
“With a consolidated view across the network, agencies can automatically detect legacy systems as well as new IoT devices, classify everything according to function and criticality, and assess the security posture of the devices,” Jensen added.
He noted the Department of Homeland Security’s Continuous Diagnostics and Mitigation program and the Defense Department’s Comply to Connect framework consider asset visibility as a fundamental step.
Having visibility of internet-connected devices could help managers delegate higher-order tasks to professionals involved in asset inventory and comply with government mandates such as the Federal IT Acquisition Reform Act and the Federal Information Security Management Act, he wrote.
Jensen advised agencies to integrate IoT device security into their risk mitigation strategies and those of their contractors.
“DoD and civilian agencies must remain committed to ‘cyber basics’ while pursuing newer technologies, such as agentless asset discovery, to adapt to fast-changing IT landscapes,” he added.