View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
January 26, 2015

IT professionals failing to address IoT security

Only 8% of IT workers in energy firms are concerned about cyber criminals attacking industrial controllers, survey finds.

By

An increasing number of IT professionals in the UK and US are unconcerned and inattentive about the growing risks of cyber criminals attacking the Internet of Things.

A survey, conducted by security firm Tripwire and Atomik Research, found that only 8% of IT workers in energy firms are concerned about cyber criminals attacking industrial controllers, while 88% lack confidence in the secure configuration of industrial controllers.

The survey of 404 IT professionals and 302 executives from retail, energy and financial services firms, also found that less than a quarter overall are confident in the secure configuration of IoT devices that are already on enterprise networks.

These include point-of-sale devices, internet phones, sensors for physical security, smart controllers for lights and HVAC, and industrial controllers.

It also found that just 46% believe the risks associated with the IoT have the potential to become the most significant risks on their networks.

"The reason many enterprises are relatively ‘unconcerned’ about the security of IoT devices is because they misunderstand the risk. Frequently, organisations believe that they have nothing of value that would interest an attacker – this is rarely true," Tripwire’s security development manager Chris Conacher said.

"For attackers there is always something to be gained, and they’re not always looking for data that has financial value. From the theft of information or services that can be used to add a veneer of legitimacy to phishing campaigns or user credentials that can be used to gain access to a connection point from which to attack corporate partners, there is always something of value."

Content from our partners
European Technology Leadership: Deutsche Bank CTO Gordon Mackechnie
Print’s role in driving the environmental agenda
What finance leaders get wrong about digital transformation

The research also found that employees working from home have an average of 11 IoT devices on their home networks, while 24% have connected at least one of these devices to their enterprise networks.

Paul Simmonds, CEO, Global Identity Foundation, said: "The study highlights the need to be able to build security and identity into the IoT in a standard way so that IoT devices can be on-boarded into whichever environment is required – home, business or national critical infrastructure. A plethora of cloud-based solutions unique to each manufacturer, suppler or even device will lead to chaos and insecurity.

The research comes as IDC expects more than 28 billion IoT devices to be installed by 2020, up from an estimated nine billion today.

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU