49% of the 5.7 million businesses in the UK are leaving themselves vulnerable to cyberattacks by having unknown devices on their network, new research from Forescout has revealed.

Although only 1.6% don’t use any cybersecurity solutions at all, those that do have a significant security weakness in the form of Bring Your Own Device (BYOD) policies.

BYOD, in which employees are allowed to bring their own smartphones, tablets and laptops to work,  is becoming increasingly common. However, the policy can pose a risk to a company’s IT cybersecurity as it increases the chance of both data leakages and malware infiltrating a system.

The increasing number of Internet of Things (IoT) and operational technology (OT) devices connecting to their networks is a significant challenge for UK businesses.

The survey conducted by Censuswide found that 85% of CIOs and IT decision makers understand that this lack of visibility and control of unknown devices on their network poses a real risk to their security infrastructure.

69% of organisations say they now have over 1,000 such devices, with one in five organisations having more than 10,000 devices.

One solution to this problem is operational technology (OT); hardware or software that directly monitors or controls physical devices.

The convergence of IT and OT can create security blind spots that leave organisations vulnerable. 58% of IT decision makers believe that having a centralised approach to IT and OT security will protect businesses against these vulnerabilities, yet only 49% have implemented such an approach within their own organisation.

The research coincides with the latest update to Forescout’s flagship solution, which offers customers the industry’s first fully-integrated device visibility and control platform for unified IT and OT security.

This offers increased device visibility, network segmentation, and improved risk assessment and incident response.

Protecting security with Bring Your Own Device

Myles Bray, vice president of EMEA at Forescout believes that UK organisations should do more to ensure that Bring Your Own Device is not compromising security:

“Our latest research shows that, despite various new regulatory benchmarks and many notable attacks on industry giants in the past twelve months, UK businesses are still painfully unaware of the huge threat vector that connected devices present.

“To properly protect themselves, it is imperative that organisations in the UK are able to not only identify, but also fully manage and control every single third-party device that accesses their network.

“One way in which they can achieve more comprehensive insights is by implementing a centralised management platform that can provide real-time device visibility and control for enterprises across all industries.”