Organisations fear IoT security attacks – but are not actively monitoring risks
Almost every organisation polled by the Ponemon Institute and Shared Assessments say they fear a ‘catastrophic’ security event related to an unsecured IoT device – yet only a third actively monitor for IoT-related third-party risks.
The study, which surveyed 605 individuals in corporate governance, found the average number of IoT devices in the workplace is set to increase by 55% over the coming year. 81% of those polled said a data breach caused by unsecured IoT devices was ‘likely’ to occur in the next 24 months.
The challenge is more of an issue than may be let on, the report adds. Less than half (45%) of respondents believe they can keep a full inventory of IoT devices in the organisation – and of that number, only 19% actually have an inventory of at least half of their devices. 15% of survey respondents have an inventory of the majority of their applications.
46% of those polled say they have a policy to disable a risky IoT device within their own organisation, while 60% opt for a third-party risk management program.
“The rapid adoption of IoT devices and applications is not slowing down and organisations need to have a clear understanding of the risks these devices pose both inside their own and outside their extended networks,” said Charlie Miller, SVP at the Shared Assessments Program. “While there’s an increasing awareness about third-party IoT risks, much more work needs to be done to ensure controls minimise the risks these devices pose.
“With the increasing number of major data breaches, ransomware, and distributed denial of service attacks in the news daily, and senior executives losing their jobs as a result, it’s critical that organisations assign accountability and ownership of IoT-related oversight across their organisation, ensure that IoT security is taken seriously, and educate management at all levels,” added Miller.
You can read the full research here (registration required).
Interested in hearing industry leaders discuss subjects like this and sharing their IoT use-cases? Attend the IoT Tech Expo World Series events with upcoming shows in Silicon Valley, London and Amsterdam to learn more.
- » Six steps to get IoT data crunching right: The importance of organisational structure
- » Sprint pairs Curiosity IoT with 5G for a smart city and driverless car lab
- » McAfee: IoT malware increasing alongside 480 threats per minute
- » Less than half of businesses are able to detect IoT device breaches
- » Global IoT spending to reach $745 billion in 2019, says IDC