While the Internet of Things (IoT) has allowed businesses to become more connected, it has also opened up a host of security concerns and anxieties for IT and business leaders, according to a new report from ForeScout and Forrester. This is a major problem, as 90% of companies said they expect to see the volume of connected devices increase in the next few years.
Some 77% of companies say the increased use of connected devices creates significant security challenges, according to a survey of 603 IT and LoB decision-makers that are directly involved in their organization's network, data, and endpoint security processes. And some 82% of organizations struggle to identify all of their network-connected devices, the survey found.
IoT is bringing new levels of complexity and anxiety over potential security failures to businesses as well, the report found. More than half of respondents said they have anxiety due to IoT security, with line of business leaders reporting higher levels (58%) compared to their IT counterparts (51%).
This discrepancy could be due to understanding the magnitude that a breach can have on business operations, and a lack of assurances from the IT department that their devices are secure, the report noted. The added costs and amount of time needed to manage these devices, as well as a lack of security skills, may also be adding anxiety to the business side.
SEE: Enterprise IoT Research 2017: Benefits, Trends, and Security Concerns (Tech Pro Research)
"The survey results demonstrate a dynamic shift in the way organizations are starting to think about security and risk as it relates to IoT. Each new device that comes online represents another attack vector for enterprises and it only takes one device to compromise an entire network and disrupt business operations, which can impact the bottom line," Michael DeCesare, president and CEO at ForeScout, said in a press release. "Securing IoT is not just a cybersecurity issue, it is a business issue and operating at any risk level is too much."
Budget constraints were cited by both IT and the line of business as the greatest barrier to investing in IoT security, followed by a lack of support from senior leadership. Without added investment, 40% of security professionals said they were relying on their traditional security approaches to protect IoT devices. However, this strategy prevents organizations from being able to identify all network-connected devices: If audited, 82% of respondents said they would not be able to identify all of the devices connected to their network.
Leadership around IoT security also remains an issue: When asked who is primarily responsible for securing IoT devices on an enterprise network, 44% of IT respondents compared to 36% of line of business respondents said security operations professionals. However, line of business respondents said they were more likely than IT to prefer a dedicated line of business IT staffer or practitioner to be responsible.
"While most companies tend to keep security under the purview of IT, it is becoming more critical for collaboration amongst asset managers, LoB teams and the network teams that are adopting and deploying these connected devices," according to a press release. "This is important for enterprises as they consider their IoT security strategy, including managing default security configurations and enabling proper visibility of all devices."
In terms of security priorities, 48% of all respondents said that improving awareness and visibility of IoT devices was a top priority for improving IoT security. Some 82% of respondents expect their IoT security spend to increase over the next one to two years. And when considering the adoption of IoT security solutions, more than half of respondents said integration with existing security systems was the most important criteria to take into account.
Gartner predicts that by the end of 2017, we will see 8.4 billion connected devices in use worldwide. Security experts predicted a rise in IoT security breaches this year, making it extremely important for manufacturers to ensure devices are secure, and for enterprise and consumer users to have security protocols in place.
Want to use this data in your next business presentation? Feel free to copy and paste these top takeaways into your next slideshow.
- 90% of companies expect to see the volume of connected devices in the workplace increase in the next few years. -ForeScout, 2017
- 77% of companies say increased use of connected devices creates significant security challenges. -ForeScout, 2017
- 82% of companies said they are unable to identify all of the devices connected to their network. -ForeScout, 2017
- Enterprise IoT adoption to hit critical mass by 2019, but security remains a top concern (TechRepublic)
- Internet of Things: The Security Challenge (ZDNet)
- Here are the biggest IoT security threats facing the enterprise in 2017 (TechRepublic)
- Why big data leaders must worry about IoT security (TechRepublic)
- Hiring kit: IoT developer (Tech Pro Research)
Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.