According to Cradlepoint and Spiceworks’ “State of IoT 2018” study, 40% of companies have serious doubts about the cybersecurity of IoT solutions. In fact, a study by the company Gemalto, called “The State of IoT Security”, approximately 11% of the Spending on IoT is based on the security of its IoT products or services, but only 57% of the companies encrypts IoT data , conveying a lack of trust to consumers.
42% companies invest more than 1 billion annually in IoT
According to Zebra Technologies Corporation, 48% of the organizations are trying to become smart companies. Proof of this is that 42% invests on average 3.1 trillion annually in the Internet of Things (IoT).
According to the company, the main goal of this IoT investment is to try to improve the customer experience. And, three-quarters of companies agree that investment will be greater in the coming years.
Other motivations, according to a study by Cradlepoint and Spiceworks, are physical security (32%) – About 71% respondents who already use IoT technologies say they are using it to create security, often through security cameras, improving process efficiency (23%), reducing operational costs (21%) and simplifying management (20%).
According to Zebra Technologies Corporation, another of the most common uses of this technology is the exchange of IoT information with other workers (70%), as well as, guiding the decision-making process and detecting information automatically . But, only a 36% has fully implemented IoT, although it is estimated that 62% of the companies will do so in the coming years.
However, 40% of companies have serious doubts about the cybersecurity of IoT solutions.
“Following the proliferation of IoT botnets like Reaper and Mirai, which infected millions of Internet-connected security cameras, routers and digital video recorders, it is clear that insecure IoT devices, even security devices connected, put organizations at greater risk,” said Peter Tsai, senior technology analyst at Spiceworks.
“Companies deploying IoT devices to their existing enterprise networks are significantly expanding their attack surface and creating new vulnerabilities to IoT-specific threats that traditional security tools do not are equipped to drive,” said Ken Hosac, vice president of IoT business development at Cradlepoint.
Therefore, it is necessary to check the devices that you plan to introduce. As well as protecting them from potential threats, especially given that more than half of companies are already implementing IoT solutions on their network, managing their own security.
IoT security is becoming more urgent
According to a study by Gemalto, it is estimated that approximately 11% of the Spending on IoT is based on the security of its IoT products or services. The 57% of employees in positions of responsibility that involve making decisions ensures that your company encrypts IoT data. In addition, only about six out of ten of those who encrypt do so as soon as the data is collected by the IoT device. According to the company, it would ideally be for IoT data protection to be performed at all critical points in the IoT ecosystem using encryption.
94% of the decision makers think there are still challenges in IoT security. And 93% consumers agree with the need to increase security. Among the most well-sounded challenges are the cost of implementation (44%), the large amount of data that is collected (39%). Although, consumers place more emphasis on the lack of external guidance (43%), as well as the lack of clarity on responsibility (41%).
However, for 32% decision makers, IoT is secure, drives business revenue (18%), and improves the customer experience (15%). Even so, organizations do not have As internalized IoT security as they should, as, while four out of ten companies are striving to do so, only half of the companies engaged in providing IoT services have adopted a “security by design” approach, that is, include security within the design of the IoT product or offering.
The most popular technologies for IoT security are encryption (56%) and password protection (52%), as well as being the most commonly used – a 67% and a 63%, respectively. Other security techniques to highlight are two-factor authentication (38%) and biometrics (35%).
The need to give a greater security vision to customers, as well as good management of data and financial costs is even greater considering that many of the customers (84%) and decision makers (81%) believe that the large amount of data collected through IoT makes privacy a challenge. In addition, as the IoT environment grows, the challenge will be greater, so a business strategy is needed to address it.
Despite the large expense of increasing IoT security, this can be justified by considering that nine out of ten companies agree that it has increased sales thanks to the increased IoT security. So safety seems to be decisive in consumer behavior.
Only 14% consumers are informed about IoT device security
Consumers surveyed in the study, 54% has some IoT device, but only the 14% considers that they are informed about device security, and most (89%) have doubts about the erspect.
“With so many everyday consumer devices becoming IoT enabled, a security breach in one could lead to the entire consumer IoT ecosystem falling. IoT-based partnerships and security regulations could be critical to the future of IoT from a consumer perspective.” Gemalto’s report says.
Therefore, today companies need to convey confidence to consumers about cybersecurity, especially when you consider recent accidents as the WannaCry attack was very loud so consumer fears are growing. The biggest fears on the part of consumers are, first of all, the control of devices performed by a hacker (65%),the leaked data (60%) and access to the personal information of the device by a hacker (54%).
However, the perceived security level required by consumers varies depending on the device in question. For example, more than half of customers perceive that connected cars (54%) and Smart Cities (51%) need a higher level of safety than health and sport-related devices (23%).
Still, any IoT device that doesn’t have the necessary security is really flashy and urgent. Although both employees and consumers agree on the importance of IoT security, 90% consumers believe that this security has to come standardized, so they would not have to consider itself regarding security systems, leaving them unsecured. In fact, only 45% of the customers surveyed who own at least one IoT device have changed the default password. So they may be more vulnerable to information theft, or identity fraud.
Consumer confidence could be strengthened if a regulatory framework were defined, and if confidence increases consumption could also benefit, so that the IoT market would increase. The vast majority of consumers (90%) and decision-makers agree that IoT security standards should be established, and government intervention on this issue might be desirable – for a 79% decision-holders, and for 72% of consumers.
In addition, 65% of the decision-holders who agree to a regulation, believe that data storage security mechanisms should be a critical part of IoT security standards. Not only that, it should also specify the consequences of not respecting safety rules, as well as including who will be the person responsible for that data at all stages of the journey (61%).
“To regain consumer confidence in IoT security, organizations must be able to demonstrate that they have the right security partnerships and technologies, as well as an excellent IoT security record.” It clarifies in report.
Partnerships with IoT security specialists bring great benefits
Almost all decision-makers in the company (95%) agree that your organization is associated with ioT-related positions. In addition, these are associated with an average of three other providers – 52% from cloud service providers and 50% IoT service providers. It should be noted that 31% of the consumers believe that the specialized security companies are the ones that will best protect their IoT data. Still, only 31% partners with IoT security specialists.
While these partnerships may involve greater complexity of the IoT ecosystem – only 33% of the organizations associated with other IoT believe they have complete control of the data circulating among partners. Just over half ensures that partnerships with IoT security specialists help them with these issues, facilitating the ability to provide a secure platform as well as a better customer experience; having suitable partners can be key at this point and translate into a competitive advantage. These partnerships are also conducted to facilitate and accelerate the deployment of IoT (46%), as well as the exchange of knowledge between organizations (47%).
In fact, 96% of the decision-makers whose companies are associated with IoT security-related organizations say that this partnership will bring you benefits, a cost reduction (46%), will bring you greater IoT universe (38%) and will give the consumer greater confidence about IoT security (37%).
According to the report: “The IoT ecosystem is constantly growing, becoming more complex and more competitive; organizations need to establish these partnerships and work to their full potential as quickly as they can.”
In addition, “IoT partnerships are important for organizations to deliver the right level of IoT security and this is reflected in consumer beliefs. Organizations will continue to monetize IoT through robust security and the best way to show that is through a well-established partnership with a well-established IoT security specialist.”
