Just 30 Percent of Organizations Feel Ready to Handle IoT Security Risks


According to the results of a recent Tripwire survey of more than 220 information security professionals, just 30 percent of respondents said their organizations are prepared for the security risks associated with Internet of Things (IoT) devices, and just 34 percent believe their organizations accurately track the number of IoT devices on their networks.

Still, 47 percent of respondents expect the number of IoT devices on their networks to increase by at least 30 percent in 2017.

"The Internet of Things presents a clear weak spot for an increasing number of information security organizations," Tripwire director of IT security and risk strategy Tim Erlin said in a statement. "As an industry, we need to address the security basics with the growing number of IoT devices in corporate networks."

"By ensuring these devices are securely configured, patched for vulnerabilities and being monitored consistently, we will go a long way in limiting the risks introduced," Erlin added.

While only 11 percent of respondents consider DDoS attacks to be one of the two two security threats their organizations face, 47 percent are concerned about the weaponization of IoT devices for DDoS attacks.

"It seems that security professionals see IoT devices as a sort of 'zombie appliance army' that's worthy of great concern," Tripwire CTO and vice president of research and development Dwayne Melancon said in a statement. "That makes sense, since many of the current crop of IoT devices were created with low cost as a priority over secrity, making them easy targets. The large number of easily compromised devies will require a new approach if we are to secure our critical networks."

A separate CompTIA survey of 350 channel IT professionals and 512 business and IT executives found that 49 percent of channel firms believe that security will be a major focus as companies move forward with IT adoption.

Sixty-five percent of respondents view hackers as a leading threat to IT security and privacy, followed by vulnerabilities left open by devices manufacturers (52 percent) and unencrypted data traveling across networks (51 percent).

While 37 percent of companies said the benefits of connected devices outweigh security concerns, 14 percent said security and privacy are serious hurdles, and 49 percent said security and privacy are primary factors to consider during adoption.

Segmented by job function, 49 percent of executives said the benefits of connected devices outweigh security concerns, compared to 34 percent of respondents in an IT function and just 26 percent of respondetns in a line of business function.

A recent eSecurity Planet article offered advice on improving IoT security.

Photo courtesy of Shutterstock.