Organizations face increased challenges securing IoT devices
We reported earlier today that businesses are struggling with IoT device connectivity, another report out today shows that securing these devices is a major problem too.
The study for Keyfactor, conducted by Vanson Bourne, finds 97 percent are struggling to secure their IoT and connected products to some degree.
The survey also finds that 98 percent of organizations experienced certificate outages in the last 12 months, costing an average of over $2.25 million.
"Organizations worldwide are under mounting pressure to ensure their IoT and connected devices are protected while navigating an increasingly complex digital landscape that requires complete trust," says Ellen Boehm, senior vice president, IoT strategies and operations at Keyfactor. "The results of this survey demonstrate the importance of identity-first security for those who manufacture IoT devices and those who deploy and operate them in their environment to establish digital trust at scale. Most organizations implement PKI solutions in their IoT security strategy, which is a huge step in the right direction. However, it’s clear that with 97 percent of organizations facing IoT security challenges, security teams are struggling to leverage their tools efficiently. Ensuring that IoT device security is managed throughout its lifecycle will go a long way in both eliminating costly certificate outages and enhancing the long-term viability of IoT within the enterprise."
Among other findings 89 percent of respondents' organizations that operate and use IoT and connected products have been hit by cyberattacks at an average cost of $250K. In the past three years, 69 percent of organizations have seen an increase in cyber attacks on their IoT devices too.
Connected devices are also becoming more common, in the past three years, respondents report a 20 percent average increase in the number of IoT and connected products used by organizations.
"Many IoT security strategies fail to prevent and protect against IoT-targeted cyber attacks because organizations lack the proper education and support needed to fully understand the task at hand," adds Boehm. "Over half of respondents agree that their organization doesn't have the proper awareness and expertise to prepare for IoT device cyber attacks, spotlighting the need for more guidance to fully secure their devices. Organizations can't protect against what they cannot understand."
The full report is available from the Keyfactor site.
Image credit: Panchenko Vladimir / Shutterstock