年度企业物联网报告：2020年网络安全状态 - FORESCOUT 研究实验室（英文版）（27页）.pdf

1、Research Report The Annual Enterprise of Things Report The state of IoT Cybersecurity in 2020 by Forescout Research Labs Table of Contents Executive Summary 1. Methodology: How We Define Device Risk 2. The Results 2.1. Risk Exposure 2.1.1. Operating System Distribution 2.1.2. Legacy Windows Threat 2

2、.1.3. Risk from Enabled Services 2.2. Riskiest Devices 2.2.1. Riskiest Devices by Vertical 2.2.2. The 10 Riskiest IoT Devices of 2020 3. Conclusions and Recommendations 3.1. Notes on the Analysis and Methodology 3.2. Data Collection and Analysis 3.3. Data Sample 3.4. Open Questions for Your Consider

3、ation References About Forescout Technologies 2 3 4 7 7 8 9 10 12 13 17 19 19 20 20 23 24 27 3 Executive Summary In this first edition of the Annual Connected Enterprise Report, Forescout Research Labs has undertaken the most comprehensive study of its kind within the greater cybersecurity industry

4、to date to assess the risk posture of over 8 million devices deployed across 5 verticals: Financial Services, Government, Healthcare, Manufacturing and Retail. Using carefully defined metrics and data from the Forescout Device Cloud, we identified points of risk inherent to device type, industry sec

5、tor and cybersecurity policies. Furthermore, we translated these findings into data- informed recommendations to help cybersecurity and risk stakeholders to mitigate and remediate these identified points of risk. The riskiest device groups from our Device Cloud data include smart buildings, medical

6、devices, networking equipment and VoIP phones. IoT devices, which can be hard to monitor and control, exist in every vertical and can present risk to modern organizations, both as entry points into vulnerable networks or as final targets of specialized malware. The device types posing the highest le