Familiar cybersecurity horror show coming soon to IoT deployments near you
Many cybersecurity professionals are now resigned to watching the rise of Internet of Things (IoT) play out much like an all too familiar horror movie. They know the potential victims shouldn’t go for a walk the woods at night by themselves without a flashlight. Nevertheless, for some inexplicable reason, the stars of the show go ahead anyway knowing full well their potential fate.
A new survey of 700 enterprise IT organizations located in five countries (China, Germany, Japan, United Kingdom and the U.S.) conducted by the market research firm Vanson Bourne on behalf of Irdeto, a provider of security software and services for IoT environments, finds 82% of organizations that manufacture IoT devices are concerned that the devices they develop are not adequately secured from a cyberattack. A full 90% said their organizations have already been impacted on some level by such attacks with the average cost impact being $330,000. Only 7% of respondents said that their organization has everything it needs to address cybersecurity issues. A full 93% of manufacturers along with 96% of users of IoT devices said the cybersecurity of the IoT devices they build or employ could be improved to a great extent or to some extent.New survey: 82% of organizations that manufacture IoT devices are concerned that the devices they develop are not adequately secured from a cyberattack. Click To Tweet
Fewer than half (49%) make security a part of the product design lifecycle process (49%) and only little more than half (53%) conduct continuous security and/or code reviews. On the plus side, progress is being made. The survey finds 18% of respondents plan on adding software protection in the next year, while 29% plan on adding mobile app protection, 30% plan on making security part of the product design lifecycle and 29% plan on implementing continuous security and/or code reviews.
Nearly half of the respondents (46%) said they need additional expertise/skills within the organization to address all aspects of cybersecurity. More effective cybersecurity tools and a need for a more robust cybersecurity strategy were each cited by 43% of respondents as areas of concern.Many of the people attaching systems to the Internet come from operations teams that don’t have a lot of cybersecurity and networking expertise.Click To Tweet
To be fair, many of the participants in this IoT movie have never seen this genre of cybersecurity movie before. Many of the people attaching systems to the Internet come from operations teams that don’t have a lot of cybersecurity and networking expertise. That lack of expertise, however, doesn’t seem to give them a moment of pause before forging ahead. The potential business benefits of the IoT initiative apparently outweigh any potential risk.
The average cybersecurity professional, on the other hand, has seen this same scene play out time and again, first with Web applications and then mobile computing devices. It’s just a matter of time before many of the same nightmares that cybersecurity professionals have already lived through several times manifest themselves again in a slightly different form. Unfortunately, not everyone may live through an IoT cybersecurity mishap. Many of these devices are being deployed in scenarios where actual lives are at stake.
In an ideal world, cybersecurity professionals would be proactively working to prevent such a disaster. The reality of the situation is they might not even know an IoT project exists until its too late. Regardless of the outcome ahead, the one thing that is certain is cybersecurity teams will be asked to clean up the bloody mess.
Barracuda offers highly secure, ultra-small and ruggedized devices for advanced network security, encrypted communications, and cost-effective connectivity. Get a free trial here.