Despite the rise of high-profile IoT botnet attacks, such as Mirai and Reaper, a survey shows that a staggering 49% of organisations plan to roll-out IoT deployments on existing enterprise networks. So, just how important is cybersecurity? What if adopting IoT left devices vulnerable to botnet attacks?
Releasing its Business Intelligence Report, The State of IoT 2017-2018, Cradlepoint delves into the current IT practices, perceptions and future plans surrounding global IoT deployments. The fundamental study discovered that even though over 69% of organisations have adopted, or plan to adopt, IoT solutions within the next year, 40% of companies have serious concerns around cybersecurity.
Conducted by Spiceworks, the study surveyed 400 IT professionals in the US, Canada and the UK at companies with at least 500 employees across 22 industries. Respondents are all involved with IoT strategies and decisions at their organisations.
While cybersecurity remains the top concern (40%), it is a desire for increased physical security that is the top driver for IoT adoption (32 %), followed by improved operational processes (23%), reduced operational costs (21%) and simplified management (20%). Approximately 71% of respondents who already use IoT technologies say they’re using it for building security, often through security cameras.
Recent botnet attacks have infected millions of IoT devices. Yet, despite the growing security threat associated with IoT, research shows that about half of the organisations surveyed are deploying IoT solutions on their existing enterprise network and 57% prefer to manage their own IoT device security.
The full survey broaches other IoT factors including how IT pros plan to implement IoT, as demonstrated in the graph below.
“Following the spread of IoT botnets like Reaper and Mirai, which infected millions of internet-connected security cameras, routers, and digital video recorders, it’s evident that insecure IoT devices, even connected security devices, are putting organisations more at risk,” said Peter Tsai, senior technology analyst at Spiceworks. “Before deploying network-connected devices that create more entry points for hackers to exploit, organisations should vet the security of all IoT devices they plan to introduce and ensure their company can adequately protect these devices from potential threats.”
“Our new ‘State of IoT’ report highlights a looming issue within commercial IoT deployments – cross-contamination. Companies that deploy IoT devices on their existing enterprise networks are significantly expanding their attack surface and creating new vulnerabilities to IoT-specific threats that traditional security tools are not equipped to handle,” said Ken Hosac, vice president of IoT business development at Cradlepoint. “The good news, however, is that companies can leverage software-defined perimeter technology to spin-up virtual overlay networks, without trained specialists, that isolate IoT devices from existing networks—and other IoT devices, control access and shield them from being Internet-addressable.”