Do companies know how to to protect their IoT deployments?
ORGANIZATIONS have been waiting for the arrival of the internet of things (IoT) applications and deployments that they can simply use out-of-the-box.
The technology has promised many things and has great potential, but now that it is here, companies are realizing that they’re not going to be able to dive into IoT right away. They have to think about cybersecurity first.
IDC recently surveyed businesses in Australia and New Zealand recently about their IoT adoption and found that respondents were excited about IoT but were struggling to secure their IoT deployments adequately.
“Across the IoT ecosystem industry, it is becoming plain that security is a complex topic with many layers across applications, network, data, and devices,” said IDC ANZ Practice Research Manager Monica Collier.
“Interestingly, while companies said they are concerned about security at the application and data level, there is little or no concern about device security. Endpoints can be quite vulnerable and organizations should not overlook this potential weakness. We need more IoT platforms that do a good job of IoT endpoint device management.”
A new study — on a global scale — came up with similar insights.
Enterprises are most excited about the prospects in of IoT in the supply chain space because of the traceability it offers and the transparency it brings in — allowing them to collect more data and helping them gain more visibility into their demand and supply needs and forecasts.
So the study asked 750 businesses across the global supply chain about their cybersecurity measures and found that despite recognizing the enhanced security threats of Industrial IoT, just 33 percent have invested in new security technologies and only 29 percent have partnered with security specialists for assistance.
This indicates that not enough is being done to secure operations, exposing the organization to significant threats from even the most novice of hackers.
One driver for this response is a lack of relevant skills, according to the study, is the lack of staff with cybersecurity skills needed to deliver the Industrial IoT deployments. Fifty-six percent of respondents said this was why their IoT deployments are still vulnerable.
According to IDC’s Collier, in order for organizations to move past the barriers inhibiting production scale IoT, they must focus on solving the broader security and upgrade issues.
Collier believes that (in the absence of talent within companies to protect their IoT deployments), IoT vendors should provide IoT-specific security expertise.
Although most of the giants exploring IoT will find that building talent in-house is a better alternative, seeking the help of external consultants can be a good idea in the short run — at least while the company gets its IoT deployment up and running.