Most companies ‘worried about attacks due to unsecured IoT device’
Companies are “deeply concerned” that the failure to prevent a data breach or cyber attack due to an unsecured IoT device would have “catastrophic consequences”.
This is according to a new report by the Ponemon Institute and the Shared Assessments Program.
The Second Annual Study on the Internet of Things (IoT): A New Era of Third-Party Risk report found that almost all those surveyed (97 per cent) said they believe it is likely that a data breach or cyber attack related to unsecured IoT devices could be catastrophic.
Concerns are timely, with the number of IoT devices in the workplace expected to increase significantly. More than two-fifths (44 per cent) of respondents say their businesses keep an inventory, and that the average number of devices in the workplace is 15,874. This is expected to rise to an average of 24,762 this year.
Respondents also think they will soon suffer related problems. It was found that, in the next 24 months, 81 per cent of respondents said a data breach caused by unsecured IoT devices was likely, while the likelihood of a cyber attack increased to 82 per cent.
In addition, although advancements have been made in third-party risk focused on IoT devices and applications since last year, risk management in this area is still at a comparatively low maturity level.
It was also found that worries about a potential breach or cyber attack have become a reality. Those who reported that their organisation experienced a data breach specifically because of unsecured IoT devices or applications rose from 15 per cent to 21 per cent between 2017 and 2018. Meanwhile, the number of respondents reporting IoT-related cyber attacks increased from 16 per cent to 21 per cent.
Charlie Miller, senior vice president at the Shared Assessments Program, said: “The rapid adoption of IoT devices and applications is not slowing down and organisations need to have a clear understanding of the risks these devices pose, both inside their own and outside their extended networks.”
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.