View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
January 26, 2015

IT professionals failing to address IoT security

Only 8% of IT workers in energy firms are concerned about cyber criminals attacking industrial controllers, survey finds.

By Amy-Jo Crowley

An increasing number of IT professionals in the UK and US are unconcerned and inattentive about the growing risks of cyber criminals attacking the Internet of Things.

A survey, conducted by security firm Tripwire and Atomik Research, found that only 8% of IT workers in energy firms are concerned about cyber criminals attacking industrial controllers, while 88% lack confidence in the secure configuration of industrial controllers.

The survey of 404 IT professionals and 302 executives from retail, energy and financial services firms, also found that less than a quarter overall are confident in the secure configuration of IoT devices that are already on enterprise networks.

These include point-of-sale devices, internet phones, sensors for physical security, smart controllers for lights and HVAC, and industrial controllers.

It also found that just 46% believe the risks associated with the IoT have the potential to become the most significant risks on their networks.

"The reason many enterprises are relatively ‘unconcerned’ about the security of IoT devices is because they misunderstand the risk. Frequently, organisations believe that they have nothing of value that would interest an attacker – this is rarely true," Tripwire’s security development manager Chris Conacher said.

"For attackers there is always something to be gained, and they’re not always looking for data that has financial value. From the theft of information or services that can be used to add a veneer of legitimacy to phishing campaigns or user credentials that can be used to gain access to a connection point from which to attack corporate partners, there is always something of value."

Content from our partners
Sherif Tawfik: The Middle East and Africa are ready to lead on the climate
What to look for in a modern ERP system
How tech leaders can keep energy costs down and meet efficiency goals

The research also found that employees working from home have an average of 11 IoT devices on their home networks, while 24% have connected at least one of these devices to their enterprise networks.

Paul Simmonds, CEO, Global Identity Foundation, said: "The study highlights the need to be able to build security and identity into the IoT in a standard way so that IoT devices can be on-boarded into whichever environment is required – home, business or national critical infrastructure. A plethora of cloud-based solutions unique to each manufacturer, suppler or even device will lead to chaos and insecurity.

The research comes as IDC expects more than 28 billion IoT devices to be installed by 2020, up from an estimated nine billion today.

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.