Technology / Less than a third of businesses ready for Internet of Things security risks
Less than a third of businesses ready for Internet of Things security risks
30 August 2016 |
Less than a third of businesses are ready to tackle the security risks of the Internet of Things (IoT), according to a survey.
Only 30 per cent of security professionals polled by Tripwire at the Black Hat USA conference said their firms are prepared for the risks posed by connected devices.
Meanwhile, only 34 per cent of those questioned said they believe their organisations accurately track the number of IoT devices on their networks.
“The IoT presents a clear weak spot for an increasing number of information security organisations,” said Tim Erlin, director of IT security and risk strategy at Tripwire.
“As an industry, we need to address the security basics with the growing number of IoT devices in corporate networks.
“By ensuring these devices are securely configured, patched for vulnerabilities and being monitored consistently, we will go a long way in limiting the risks introduced.”
78 per cent of those polled are concerned about the weaponisation of IoT devices to use in distributed denial of service (DDoS) attacks, but only 11 per cent consider DDoS attacks to be one of the top two threats their organisations face.
47 per cent said they expect the number of IoT devices on their networks to increase by at least 30 per cent in 2017, the survey results showed.
“It wasn’t so long ago that home computer ‘zombie armies’ were the weapon of choice for a lot of cyber attacks and denial of service attacks,” said Dwayne Melancon, chief technology officer and vice president of research and development at Tripwire.
“It seems that security professionals see IoT devices as a sort of zombie appliance army that’s worthy of great concern. That makes sense, since many of the current crop of IoT devices were created with low cost as a priority over security, making them easy targets.
“The large number of easily compromised devices will require a new approach if we are to secure our critical networks. Organisations must respond with low-cost, automated and highly resilient methods to successfully manage the security risk of these devices at scale.”
For more on the survey, see the Tripwire website.