Organisations fear IoT security attacks – but are not actively monitoring risks
Almost every organisation polled by the Ponemon Institute and Shared Assessments say they fear a ‘catastrophic’ security event related to an unsecured IoT device – yet only a third actively monitor for IoT-related third-party risks.
The study, which surveyed 605 individuals in corporate governance, found the average number of IoT devices in the workplace is set to increase by 55% over the coming year. 81% of those polled said a data breach caused by unsecured IoT devices was ‘likely’ to occur in the next 24 months.
The challenge is more of an issue than may be let on, the report adds. Less than half (45%) of respondents believe they can keep a full inventory of IoT devices in the organisation – and of that number, only 19% actually have an inventory of at least half of their devices. 15% of survey respondents have an inventory of the majority of their applications.
46% of those polled say they have a policy to disable a risky IoT device within their own organisation, while 60% opt for a third-party risk management program.
“The rapid adoption of IoT devices and applications is not slowing down and organisations need to have a clear understanding of the risks these devices pose both inside their own and outside their extended networks,” said Charlie Miller, SVP at the Shared Assessments Program. “While there’s an increasing awareness about third-party IoT risks, much more work needs to be done to ensure controls minimise the risks these devices pose.
“With the increasing number of major data breaches, ransomware, and distributed denial of service attacks in the news daily, and senior executives losing their jobs as a result, it’s critical that organisations assign accountability and ownership of IoT-related oversight across their organisation, ensure that IoT security is taken seriously, and educate management at all levels,” added Miller.
You can read the full research here (registration required).
Interested in hearing industry leaders discuss subjects like this and sharing their IoT use-cases? Attend the IoT Tech Expo World Series events with upcoming shows in Silicon Valley, London and Amsterdam to learn more.
- » IoT, edge and big data causes network overload with rearchitecture the answer, report notes
- » Police team up with Avast to make an 850,000 device botnet self-destruct
- » VMware works with Forescout on IoT and expands telco and edge cloud portfolio
- » Ring discusses the smart home, choosing IoT standards, and its mission to reduce crime
- » Gartner forecasts explosion in enterprise and automotive IoT endpoint usage