IoT Security Alarm Bells Ring: Survey Shows 84% Expect Breach
Despite the proliferation of connected devices, the vast majority of IoT hardware is shipped without robust security. In practice, many lack basic encryption, making them trivial targets for attackers.
To quantify the risk and gauge corporate readiness, the third annual “Companies Don’t Know What They Don’t Know” study was released in May 2019 by Shared Assessments and the Ponemon Institute, both respected authorities in cyber‑risk measurement. The survey gathered insights from 625 senior risk and governance leaders.
Key findings highlight a stark mismatch between exposure and preparedness:
- 26% of respondents reported a data breach caused by an unsecured IoT device.
- 84% believe a data breach originating from an IoT asset is very likely in their organization.
- 87% consider an IoT‑driven attack, such as a DDoS, highly probable within the next two years.
- 27% of boards now demand clear evidence that IoT risk is being assessed, managed and monitored.
- Only 11% of companies currently educate staff on the unique threats posed by IoT devices.
These results paint a picture of a “perfect storm”: insecure devices are being deployed in environments that are ill‑prepared to secure them.
Change cannot come from manufacturers alone. Unless buyers demand it, vendors are unlikely to invest heavily in security features. The real catalyst will be enterprises that rely on IoT to drive their operations.
Many organizations are starting to draft comprehensive IoT policies, enforce controls, and launch security awareness programs. Board members are taking notice, and devices that fail to meet new corporate standards are being phased out.
Now is the moment for IoT manufacturers to embed industry security standards into their products and provide capabilities that let businesses centrally manage a diverse device fleet. If they do not act, customers will seek alternatives that deliver true protection.
– Niall Browne, senior vice president of trust and security, CISO at Domo, Inc., and member of the Shared Assessments Steering Committee.
Originally published on EE Times: “IoT Security Looks Grim in Survey.”
Internet of Things Technology
- Securing Home Workers: Tackling the IoT Threat Landscape
- IoT Security: Unpacking the Unique Threat Landscape for Connected Devices (Part 1)
- IoT Security: Overcoming Deployment Barriers
- IoT Device Adoption Fuels Rising Cybersecurity Threats: What Governments Must Do
- IoT Security Lessons from Recent Breaches: Protecting Your Enterprise
- Industrial IoT Security: Rising Threats and the Need for Integrated IT/OT Protection – Part 1
- Four Proven Steps to Secure Your IoT Devices: A Comprehensive Software Assurance Blueprint
- How 5G Adoption Enhances IoT Security: What You Need to Know
- Protecting Your Data: The Ultimate Guide to IoT Privacy & Security
- Researchers Warn of Growing IoT Security Threats