Small and medium-sized enterprises (SMEs) are taking more steps to protect themselves from security risks presented by the Internet of Things (IoT) than bigger companies, according to a new study by Pwnie Express.
The research paper, ‘Is Bigger Better?’, found that smaller firms are more likely to “close the IoT security gap” and offer more protection against malware and other threats for their mission critical systems and business operations.
Pwnie Express’ research, into 950 IT security professionals, found that despite having fewer security resources than larger businesses, smaller firms are currently doing more to identify potential threats, as well as assess any potential dangers that have been introduced by connected devices.
Paul Paget, Pwnie Express chief executive, said: “It’s a bit counterintuitive, because large companies have the finances and the people to secure their connected devices and critical infrastructure, but smaller operations are doing more with less.
“That said, it is clear that the introduction of IoT into the enterprise is challenging the status quo of IT security across the board.”
The company said that 41 per cent of IT security professionals at companies with more than 1,000 employees did not know what types of attacks (for example, ransomware, malware or so-called ‘man-in-the-middle’ attacks) had hit their IoT devices in the last year.
Just 25 per cent of IT security professionals employed by SMEs said they were unaware of attacks. Pwnie Express said this number is still too high, but “much better” than the results from larger organisations.
Respondents from companies with fewer than 1,000 employees also reported being more likely to check wireless devices for malicious infections in the last month, with 64 per cent of SMEs checking, while 55 per cent of the IT security professionals at larger firms doing so.