Building a slide deck, pitch, or presentation? Here are the big takeaways:
- 20% of organizations have experienced at least one IoT attack in the last three years. — Gartner, 2018
- Spending on security for smart devices will reach more than $3 billion by 2021. — Gartner, 2018
As Internet of Things (IoT) devices like Apple’s HomePod and Amazon’s Echo become more popular, attempts to hack these devices have also increased, prompting industry leaders to spend more time and money on security in an effort to address the issue.
Some 20% of organizations have experienced at least one IoT attack in the last three years, according to a new report from Gartner. While spending on security for smart devices will reach more than $1.5 billion this year, the firm predicts, the inability of the industry to prioritize and implement “security best practices” is hampering efforts to tackle the problem, according to a press release.
“Although IoT security is consistently referred to as a primary concern, most IoT security implementations have been planned, deployed and operated at the business-unit level, in cooperation with some IT departments to ensure the IT portions affected by the devices are sufficiently addressed,” Ruggero Contu, research director at Gartner, said in the release. “However, coordination via common architecture or a consistent security strategy is all but absent, and vendor product and service selection remains largely ad hoc, based upon the device provider’s alliances with partners or the core system that the devices are enhancing or replacing.”
The entire IoT industry is in need of better regulation, Gartner said in the report, and as more smart devices are weaved into other heavily regulated industries such as healthcare and automotives, companies will be forced to comply with more stringent security rules.
SEE: The Power of IoT and Big Data (Tech Pro Research)
“This innovation, often described as Industrial Internet of Things (IIoT) or Industry 4.0, is already impacting security in industry sectors deploying operational technology (OT), such as energy, oil and gas, transportation, and manufacturing,” Contu said in the release.
The tech industry has been grappling with the security of IoT devices for years, most notably since a massive cyber attack in the fall of 2016 left many of the internet’s biggest websites down for hours across the globe.
The attack featured the use of the ” Mirai botnet” which focused specifically on targeting IoT devices, giving it access to thousands of different entry points into a system.
David Fidler, an adjunct senior fellow for cybersecurity at the Council on Foreign Relations, told The Guardian in 2016 that he couldn’t remember a hacking attempt even half the size of the Mirai attack.
“We have a serious problem with the cyber insecurity of IoT devices and no real strategy to combat it. The IoT insecurity problem was exploited on this significant scale by a non-state group, according to initial reports from government agencies and other experts about who or what was responsible,” Fidler told The Guardian.
“Imagine what a well-resourced state actor could do with insecure IoT devices,” he added.
More and more governments are integrating smart technology and IoT devices into every aspect of daily life, but the security is often an afterthought.
Despite many new regulations aimed specifically at IoT deployment, few, if any companies, governments and people take the time to secure their devices, according to a report from Future Markets Research.
“Although a number of governing authorities have issued guidelines to be followed by IoT device manufacturers so as to protect against cyber-attacks on IoT networks and devices, many device manufacturers and users are not strictly adhering to these guidelines,” they wrote in the report, which focused on IoT security between 2017 and 2027.
“Non-adherence to these guidelines results in security lapses, which cyber attackers can take advantage of and this creates challenges for IoT security solution providers. This factor is expected to hamper growth of the IoT security product market to a large extent,” they said.