In a Tripwire survey of over 200 security professionals, less than a third said they were prepared to deal with IoT security risks.
Security and compliance solution provider Tripwire released the results of its latest study, a survey of 220 security professionals who attended the recent Black Hat USA conference in Las Vegas. When asked if their organizations were prepared to handle the security risks associated with the IoT, only 30 percent of them answered “yes.”
In addition, only 34 percent said they felt their organizations accurately track all the IoT devices on their network, while half said they expect the number of devices on those networks to increase by at least 30 percent next year.
Cisco says the number of IoT devices is expected to increase to over 50 billion by 2020, yet that popularity is coming with some pretty serious security issues, including everything from hacked smart thermostats, to security cameras being made into botnets, and the growing popularity of ransomware.
“The Internet of Things presents a clear weak spot for an increasing number of information security organizations,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “As an industry, we need to address the security basics with the growing number of IoT devices in corporate networks. By ensuring these devices are securely configured, patched for vulnerabilities and being monitored consistently, we will go a long way in limiting the risks introduced.”
Survey respondents revealed they have some pretty serious concerns about IoT security. Approximately 78 percent said they are concerned about the use of IoT devices as weapons in DDoS attacks, yet only 11 percent said they consider such attacks one of the top two security threats their organizations are facing. Instead, they said they felt ransomware and cyber-espionage were more of a threat.