After findings revealed almost a fifth of organisations found an IoT-based attack in the last year, Gartner predicts IoT security spending will double by 2021.
The number of IoT devices has increased significantly in the last couple of years, leading to security being placed at the top of the priority list for spending. Gartner predicts that in 2018 IoT security spending is set to increase by 28% to $1.5bn worldwide, in comparison to $1.2bn last year.
Improvement on discovery and asset management, as well as software and hardware security assessments and penetration testing will all be the key driving factors to the increased spend Gartner said.
“In IoT initiatives, organisations often don’t have control over the source and nature of the software and hardware being utilised by smart connected devices,” said Ruggero Contu, research director at Gartner. “We expect to see demand for tools and services aimed at improving discovery and asset management, software and hardware security assessment, and penetration testing. In addition, organisations will look to increase their understanding of the implications of externalising network connectivity.”
Despite security being a concern with IoT devices, Gartner predicts that during 2020 the biggest preventer to growth in security will be lack of priority and implementation of security practice. On average, these factors could hamper the potential amount of spend by 80%.
The implementation of GDPR has been cited by Gartner as an influencer to boost IoT security within businesses. Industries must comply with the new regulations and guidelines therefore security infrastructure must be updated accordingly, inevitably increasing spend on IoT security. Bearing this in mind, as the spending growth slowly increases year on year, it is expected to double in value by 2021 and total $3.1bn.
“This prediction shouldn’t surprise anyone as serious IoT vulnerabilities are being discovered all the time,” Piers Wilson, Head of Product Management at Huntsman Security said. “Companies are now stuck in a situation where, because it’s impossible to retrofit proper security measures onto a device that’s already out there, they’re relying on their security analysts to mitigate the threat. IoT users are struggling to keep up and finding their security teams overwhelmed, which only leads to mistakes and eventually burnout.”
Solving the security of IoT lies within technology itself, using automation. These process will better the detection and resolution of issues but require bigger budgets from business, which Gartner already outlined is happening within organisations.
Wilson said: “The solution is relieving the pressure by automating the job of monitoring. An automated system can quickly establish a normal baseline of behaviour for any device so that when bad guys do try to exploit a vulnerability, it becomes immediately obvious. The system can assess the threat and prioritise the most dangerous, allowing security analysts to handle the biggest problems rather than constantly running from pillar to post.”