UK companies are concerned about IoT security, with their biggest worry coming from reputational damage of a security breach. According to a survey by Forrester Consulting, commissioned by ForeScout, the UK has the second-highest level of IoT anxiety (57 per cent) worldwide, behind Australia and New Zealand (63 per cent).
In addition to breach concerns, network visibility was a leading cause of anxiety for the survey respondents, located in the UK, USA, France, Germany and New Zealand. 82 per cent said that they would struggle to identify all of the connected devices on their network, and are unsure who is responsible for securing IoT hardware.
77 per cent of respondents said that the IoT is causing security challenges, and 76 per cent are rethinking their security strategies. Despite this, more than half (59 per cent) said that they were willing to tolerate a ‘medium-to-high' level of risk in relation to compliance requirements for IoT security.
ForeScout CEO Mike DeCesare said, "The survey results demonstrate a dynamic shift in the way organisations are starting to think about security and risk as it relates to IoT. Each new device that comes online represents another attack vector for enterprises and it only takes one device to compromise an entire network and disrupt business operations, which can impact the bottom line. Securing IoT is not just a cybersecurity issue, it is a business issue and operating at any risk level is too much. Enterprises need full visibility."
Business leaders are more concerned about IoT security than their IT counterparts: 58 per cent versus 51 per cent. Both cited budget constraints (business: 43 per cent; IT: 45 per cent) as the greatest barrier to investing in security, followed by skepticism from senior leadership. This, the survey concludes, restricts security professionals from trying new approaches.
ForeScout's survey comes as governments around the world are beginning to pay attention to the risks posed by the IoT (some would say too late, with botnets like Mirai and Reaper causing significant harm). Europol recently hosted the Hyperlink IoT security conference, while the Australian government has proposed a security star rating system for IoT devices. In the USA, the IoT Cybersecurity Improvement Act sets a minimum level of security by eliminating default passwords.
After firing off writs against AMD and Intel, ambulance-chasing lawyers take aim at Apple
Scientists claim to have found a way to create lighter and more reliable batteries
A malicious script has been in operation since November
Scientists are crowdsourcing help in detecting rare high-energy cosmic rays - and all you need is a mobile phone