Home Internet of Things 9 in 10 lack confidence in IoT security, want government regulation, Gemalto finds

9 in 10 lack confidence in IoT security, want government regulation, Gemalto finds

Digital security provider Gemalto released research this week that claimed 90% of consumers lack confidence in the security of Internet of Things devices.

The research also found more than two-thirds of consumers and almost 80% of organisations support government involvement in IoT security.

The biggest fear, expressed by 66% of consumer respondents, is hackers taking control of their Internet-connected devices. This was a greater concern than data being leaked (60%) and hackers accessing personal information (54%).

Gemalto's research also found that while 54% of consumers own at least one IoT device — in fact, an average of two — only 14% believed they were extremely knowledgeable when it came to the security of these devices.

“It’s clear that both consumers and businesses have serious concerns around IoT security and little confidence that IoT service providers and device manufacturers will be able to protect IoT devices and more importantly the integrity of the data created, stored and transmitted by these devices,” said Jason Hart, chief technology officer, Data Protection at Gemalto.

“With legislation like GDPR (General Data Protection Regulation) showing that governments are beginning to recognise the threats and long-lasting damage cyber attacks can have on everyday lives, they now need to step up when it comes to IoT security. Until there is confidence in IoT amongst businesses and consumers, it won’t see mainstream adoption.”

The survey found businesses are in favour of regulations, stating they wanted government to identify with clarity who is responsible for securing IoT devices and data at each point in its journey (61%) and the implications of non-compliance (55%).

Of consumers and businesses surveyed, Gemalto found an almost unanimous response when it comes to government-enforced IoT security regulation with 96% of organisations and 90% of consumers looking for this.

Businesses have identified they require support when it comes to understanding and implementing IoT technology, turning to cloud service providers (52%) and IoT service providers (50%). The reasons for this are a lack of internal expertise and skills (47%), and to help facilitate and speed up their IoT deployment (46%).

However, despite these partnerships aiding the adoption and deployment of IoT devices, organisations acknowledged they felt they did not have complete control over the data their IoT products or services collected as it moved from partner to partner, leaving the organisation itself exposed.

“The lack of knowledge among both the business and consumer worlds is quite worrying and it’s leading to gaps in the IoT ecosystem that hackers will exploit,” Hart said. “Within this ecosystem, there are four groups involved — consumers, manufacturers, cloud service providers and third parties — all of which have a responsibility to protect the data. ‘Security by design’ is the most effective approach to mitigate against a breach.

"Furthermore, IoT devices are a portal to the wider network and failing to protect them is like leaving your door wide open for hackers to walk in. Until both sides increase their knowledge of how to protect themselves and adopt industry standard approaches, IoT will continue to be a treasure trove of opportunity for hackers.”

Gemalto's research also found IoT device manufacturers and service providers spend 11% of their total IoT budget on securing these devices. Half these companies stated they had a security-by-design approach. 67% reported encryption as their primary means to secure IoT assets, with 62% encrypting data as soon as it reached the device, and 59% as soon as it leaves the device.

Ninety-two percent of IoT-related companies said they saw an increase in sales or product usage after implementing security measures.

Gemalto commissioned independent technology market research specialist Vanson Bourne to conduct the research. A total of 1050 IT and business decision-makers and 10,500 consumers were interviewed in July 2017, via online and telephone methodology. Decision maker respondents were from organisations in any sector, but with a minimum of 250 employees.

The results can be found online in an interactive infographic, both aggregated and by country of response.

LEARN HOW TO BE A SUCCESSFUL MVNO

Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service

DOWNLOAD NOW!

David M Williams

joomla site stats

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. Within two years, he returned to his alma mater, the University of Newcastle, as a UNIX systems manager. This was a crucial time for UNIX at the University with the advent of the World-Wide-Web and the decline of VMS. David moved on to a brief stint in consulting, before returning to the University as IT Manager in 1998. In 2001, he joined an international software company as Asia-Pacific troubleshooter, specialising in AIX, HP/UX, Solaris and database systems. Settling down in Newcastle, David then found niche roles delivering hard-core tech to the recruitment industry and presently is the Chief Information Officer for a national resources company where he particularly specialises in mergers and acquisitions and enterprise applications.