INFOGRAPHIC
INFOGRAPHIC
Research unveils corporate losses
associated with IoT security
A
study from DigiCert, Inc., a leading
provider of TLS/SSL, PKI and IoT
security solutions, reveals that
enterprises have begun sustaining significant
monetary losses stemming from the lack of
good practices as they move forward with
incorporating the Internet of Things (IoT)
into their business models. In fact, among
companies surveyed that are struggling the
most with IoT security, 25% reported IoT
security-related losses of nearly £257,333 in
the last two years.
These findings come amid a ramping up of
IoT focus within the typical organisation. A
total of 71% of respondents indicated that
IoT is extremely important to them currently,
while 91% said they anticipate IoT to be
extremely important to their respective
organisations within two years.
The survey was conducted by ReRez Research
in September 2018, with 700 enterprise
organisations in the US, UK, Germany,
France and Japan from across critical
infrastructure industries.
Top concerns
Security and privacy topped the list of concerns
for IoT projects, with 82% of respondents
stating they were somewhat to extremely
concerned about security challenges.
“Enterprises today fully grasp the reality
that the Internet of Things is upon us and
will continue to revolutionise the way we
live, work and recreate,” said Mike Nelson,
Vice President of IoT Security at DigiCert.
“Securing IoT devices is still a top priority
that many enterprises are struggling to
manage, however, integrating security at
the beginning and all the way through
IoT implementations is vital to mitigating
rising attacks which can be expected to
continue. Due diligence when it comes to
authentication, encryption and integrity of
IoT devices and systems can help enterprises
reliably and safely embrace IoT.”
28
INTELLIGENTCIO
Top versus bottom performers
To give visibility to the specific challenges
that enterprises are encountering with IoT
implementations, respondents were asked
a series of questions using a wide variance
of terminology. Using standard survey
methodology, respondents’ answers were
then scored and divided into three tiers:
• Top tier: Enterprises experiencing fewer
problems and demonstrating a degree
of mastery mitigating specific aspects of
IoT security
• Middle tier: Enterprises scoring in
the middle range in terms of their IoT
security results
• Bottom tier: Enterprises experiencing
more problems that were much more likely
to report difficulties mastering IoT security
IoT security missteps
Respondents were asked about IoT-related
security incidents their organisations
experienced within the past two years. The
difference between the top and bottom tiers
was unmistakable. Companies struggling
the most with IoT implementation are much
more likely to get hit with IoT-related security
incidents. Every single bottom tier enterprise
experienced an IoT-related security incident
in that time span, versus just 23% of the top
tier. The bottom tier was also more likely to
report problems in these specific areas:
• More than 12 times as likely to have
experienced IoT-based Denial of
Service attacks
• More than 12 times as likely to have
experienced unauthorised access to
IoT devices
• Nearly 16 times as likely to have
experienced IoT-based data breaches
• Six times as likely to have experienced IoT-
based malware or ransomware attacks
These security incidents were not trivial.
There were detrimental costs associated with
these IoT security-related incidents. The top
five areas for costs incurred within the past
two years were:
www.intelligentcio.com