Altman Vilandrie & Company survey shows significant costs of IoT hacks — up to 13% of revenues for smaller firms.
The survey goes on to say that such incidents can cost smaller companies as much as 13% of their annual revenue, and for firms with over $2 billion in revenues, the cost could potentially reach more than $20 million.
The survey polled 400 IT professionals across 19 industries, and revealed that 48 percent of firms have experienced at least one IoT security incident. Topics included IoT use cases, IoT security adoption, challenges solved by IoT security, exposure to IoT security incidents, demand for specific functionality, spend and budgeting for IoT security, vendor selection criteria, and bundled purchasing behaviors.
“While traditional cybersecurity has grabbed the nation’s attention, IoT security has been somewhat under the radar, even for some companies that have a lot to lose through a breach,” said Altman Vilandrie & Company Director Stefan Bewley, who co-directed the survey. “IoT attacks expose companies to the loss of data and services and can render connected devices dangerous to customers, employees and the public at large. The potential vulnerabilities for firms of all sizes will continue to grow as more devices become Internet dependent.”
The companies that said they hadn’t experienced an IoT related security breach were found to have invested 65% more on IoT security than those companies that did have security issues. The survey also found that provider reputation and product quality were the most important factors in choosing IoT security solutions rather than cost.
“We see it being critical for security providers to build a strong brand and reputation in the IoT security space. There are lots of providers developing innovative solutions, but when it comes to purchasing decisions, buyers are looking for a brand and product they trust,” said Altman Vilandrie & Company Principal Ryan Dean, who co-directed the survey. “Price is a secondary concern that buyers tend to evaluate after they have narrowed their options down to a few strong security solutions.”
According to the company, other key findings include:
- Sixty-eight percent of respondents think about IoT security as a distinct category; yet only 43% have a standalone budget.
- Despite the fact that separate business units may have different needs, 74% of firms centralize IoT security decisions for the entire organization.
- After “preventing loss of control over IoT devices,” traditional cybersecurity concerns such as “preventing breaches of customer information” and “preventing breaches of company data” are ranked as the next most important reasons to adopt IoT security.