sb-nz logo
Story image

IoT breaches: Nearly half of businesses still can’t detect them

16 Jan 2019

The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.

The company surveyed 950 IT and business decision makers around the world.

According to the study, almost half (48 percent) of businesses still can’t detect IoT device breaches. This is despite the survey revealing an increased focus on IoT security:

The allocation of IoT budgets for protection has risen from 11 percent in 2017 to 13 percent today

90 percent of companies believe it is a big consideration for customers

Almost three times as many now see IoT security as an ethical responsibility

According to Gemalto, companies are increasingly calling on governments to intervene with 79 percent demanding more robust guidelines on IoT security, and 50 percent seeking clarification on who is responsible for protecting IoT.

Despite the fact that many governments have already imposed or announced regulations specific to IoT security, 95 percent of businesses affirm there should be uniform regulations in place – which Gemalto asserts is also echoed by the clear majority of consumers.

“Given the increase in the number of IoT-enabled devices, it’s extremely worrying to see that businesses still can’t detect if they have been breached,” says Gemalto Data Protection CTO Jason Hart.

“With no consistent regulation guiding the industry, it’s no surprise the threats – and, in turn, vulnerability of businesses – are increasing. This will only continue unless governments step in now to help industry avoid losing control.”

Gemalto says businesses are seeking government intervention as they perceive the process of securing connected devices and IoT services to be a mammoth task. This is particularly pronounced for data privacy (38 percent) and the collection of large amounts of data (34 percent).

The relentless growth in the amount of data and the protection obligations that comes with it appears to be an increasing headache for businesses, with only three in five of those using IoT and spending on IoT security actually encrypting all of their data.

62 percent of consumers are not impressed with the current proceedings and believe security needs to improve. When it comes to the biggest areas of concern, 54 percent fear a lack of privacy because of connected devices, trailed closely by unauthorised parties like hackers controlling devices (51 percent) and lack of control over personal data (50 percent).

A technology that is gaining in prominence as an IoT security tool, Gemalto says, is blockchain. The adoption of blockchain has more than doubled over the last year, from 9 percent to 19 percent.

Furthermore, 23 percent believe that blockchain technology would be an ideal tool to secure IoT devices, while 91 percent of organisations that aren’t currently using blockchain technologies are likely to consider it in the future.

In terms of methods businesses are using to protect themselves against cybercriminals, 71 percent encrypt their data, while password protection (66 percent) and two factor authentication (38 percent) remain prominent.

“Businesses are clearly feeling the pressure of protecting the growing amount of data they collect and store,” says Hart.

“But while it’s positive they are attempting to address that by investing in more security, such as blockchain, they need direct guidance to ensure they’re not leaving themselves exposed. In order to get this, businesses need to be putting more pressure on the government to act, as it is them that will be hit if they suffer a breach.”

Story image
BlackBerry, Microsoft enter partnership for Teams integration
"Integrating BlackBerry AtHoc will ensure that any organisation managing critical events using Teams is able to contact, alert, and account for everyone within the organisation directly."More
Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More
Story image
Attack from DOS: In Zero We Trust
In combination with malware, DDoS attacks on banks have been used to cause distraction so the transfer of stolen funds goes unnoticed. More
Story image
The three-pronged security approach that confronts security breaches head-on
Having these three processes working in tandem is key to cushioning the blow of a breach - which, if insufficiently protected, can take on average 279 days to contain and costs an average of almost US$4 million.More
Story image
Lumen launches managed security services for APAC market
The new service is designed to provide enterprise businesses with a proactive, connected security strategy to enhance threat detection and protection across endpoints. More
Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More