Lack of Confidence in IoT Security Plans High Among IT Leaders, Report

Businesses are seeing a significant rise in enterprise IoT security risks and vulnerabilities in IoT devices is emerging as a major source of concern.

While 95% of IT leaders have an IoT security plan, only 51% feel confident in its efficacy, according to a new report from Viakoo.

Half of enterprises surveyed identified IoT as the weakest part of their security and 50% said they experienced an IoT cyber incident in the last 12 months, of which 44% were serious, and 22% threatened business operations.

Seventy-one percent of IT leaders said they wish they started their IoT security plans differently so they could remediate vulnerabilities faster.

The top emerging IoT threats for IT professionals identified in the survey include data breaches (69%), ransomware attacks (60%), supply chain attacks (45%) and Denial of Service (DDoS) attacks (42%).

Rebuilding IoT Security

Viakoo’s study highlighted agentless security solutions as foundational for successful IoT security, with 90% of businesses surveyed saying they believe this to be the key to effective security.

The report also found that to address cybersecurity concerns, IT leaders need to secure IoT infrastructure one application at a time in an “automated and expeditious fashion.”

“The IoT attack surface was built one application at a time and is growing one application at a time,” said Bud Broomhead, Viakoo’s CEO. “Viakoo’s 2024 IoT Security Crisis: By the Numbers findings reinforce the criticality of securing IoT infrastructure one application at a time, and in an automated and rapid fashion."  

Related:IoT Malware Attacks Jump 400% Since 2022, Report

Increased Investment, Lack of Confidence

While 89% of businesses said they plan to increase spending on security stacks over the next year, only 63% said they have the confidence to make an informed decision on where to channel the investments.

“The numbers presented here spotlight how the IoT applications and device systems that organizations rely on are vulnerable, are being attacked and lack the focus on cybersecurity that traditional IT systems have,” the report said. “While there is board-level visibility into IoT security and internal discussions between the managers of IoT systems, most organizations lack the proper technology solutions, reporting and governance to ensure that IoT systems are always visible, operational and secure.”