Thursday, 02 November 2017 00:14

9 in 10 lack confidence in IoT security, want government regulation, Gemalto finds


Digital security provider Gemalto released research this week that claimed 90% of consumers lack confidence in the security of Internet of Things devices.

The research also found more than two-thirds of consumers and almost 80% of organisations support government involvement in IoT security.

The biggest fear, expressed by 66% of consumer respondents, is hackers taking control of their Internet-connected devices. This was a greater concern than data being leaked (60%) and hackers accessing personal information (54%).

Gemalto's research also found that while 54% of consumers own at least one IoT device — in fact, an average of two — only 14% believed they were extremely knowledgeable when it came to the security of these devices.

“It’s clear that both consumers and businesses have serious concerns around IoT security and little confidence that IoT service providers and device manufacturers will be able to protect IoT devices and more importantly the integrity of the data created, stored and transmitted by these devices,” said Jason Hart, chief technology officer, Data Protection at Gemalto.

“With legislation like GDPR (General Data Protection Regulation) showing that governments are beginning to recognise the threats and long-lasting damage cyber attacks can have on everyday lives, they now need to step up when it comes to IoT security. Until there is confidence in IoT amongst businesses and consumers, it won’t see mainstream adoption.”

The survey found businesses are in favour of regulations, stating they wanted government to identify with clarity who is responsible for securing IoT devices and data at each point in its journey (61%) and the implications of non-compliance (55%).

Of consumers and businesses surveyed, Gemalto found an almost unanimous response when it comes to government-enforced IoT security regulation with 96% of organisations and 90% of consumers looking for this.

Businesses have identified they require support when it comes to understanding and implementing IoT technology, turning to cloud service providers (52%) and IoT service providers (50%). The reasons for this are a lack of internal expertise and skills (47%), and to help facilitate and speed up their IoT deployment (46%).

However, despite these partnerships aiding the adoption and deployment of IoT devices, organisations acknowledged they felt they did not have complete control over the data their IoT products or services collected as it moved from partner to partner, leaving the organisation itself exposed.

“The lack of knowledge among both the business and consumer worlds is quite worrying and it’s leading to gaps in the IoT ecosystem that hackers will exploit,” Hart said. “Within this ecosystem, there are four groups involved — consumers, manufacturers, cloud service providers and third parties — all of which have a responsibility to protect the data. ‘Security by design’ is the most effective approach to mitigate against a breach.

"Furthermore, IoT devices are a portal to the wider network and failing to protect them is like leaving your door wide open for hackers to walk in. Until both sides increase their knowledge of how to protect themselves and adopt industry standard approaches, IoT will continue to be a treasure trove of opportunity for hackers.”

Gemalto's research also found IoT device manufacturers and service providers spend 11% of their total IoT budget on securing these devices. Half these companies stated they had a security-by-design approach. 67% reported encryption as their primary means to secure IoT assets, with 62% encrypting data as soon as it reached the device, and 59% as soon as it leaves the device.

Ninety-two percent of IoT-related companies said they saw an increase in sales or product usage after implementing security measures.

Gemalto commissioned independent technology market research specialist Vanson Bourne to conduct the research. A total of 1050 IT and business decision-makers and 10,500 consumers were interviewed in July 2017, via online and telephone methodology. Decision maker respondents were from organisations in any sector, but with a minimum of 250 employees.

The results can be found online in an interactive infographic, both aggregated and by country of response.


As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.



Recent Comments