Only 14% have complete organizational awareness of IoT threats
86 percent of IT and security decision makers across the globe believe their organization needs to improve its awareness of IoT threats, according to Trend Micro. This significant lack of knowledge accompanies rising threat levels and security challenges related to connected devices, which leaves organizations at great risk.
The poll of 1,150 IT and security leaders reveals a worrying lack of cybersecurity maturity in many organizations around the world as they deploy IoT projects to drive innovation, agility and digital transformation.
“A common theme in cyberattacks today is that many are driven by a lack of security awareness, and this is accentuated with IoT security,” said Kevin Simzer, chief operating officer for Trend Micro. “It’s a good first step to see that IT leaders recognize awareness levels need to rise across the organization. We recommend business leaders clearly acknowledge the IoT security challenges affecting their company, understand where their security requirements, and invest accordingly to make their security goals a reality.”
A lack of IoT security awareness leaves companies increasingly exposed to potentially damaging cyberattacks. According to the survey, current attacks are targeting office devices most, followed by manufacturing and the supply chain. When an attacker compromises these devices, they can also gain access to the greater corporate network to conduct even more damaging attacks.
To protect against IoT security attacks, more than 50 percent of surveyed IT and security decision makers reported they prioritize a few key capabilities in their security solutions. Monitoring for anomalous behaviors and vulnerability management were the most sought after requirements to mitigate the risk of IoT devices being compromised.
In addition to these specific capabilities, Trend Micro recommends a strong network defense approach to ensure IoT devices do not add security risk at any part of a corporate network. The company also offers a range of security solutions related to specific types of IoT devices for additional protection.