Although many energy companies are integrating Internet of Things (IoT) devices into their everyday operations, most of these businesses lack sufficient security protocols to safeguard these devices against cyberattacks, according to a survey conducted by British satellite telecommunications company Inmarsat.
Key findings from the Inmarsat survey of 100 large energy companies included:
- 59 percent of survey respondents stated their board has either limited or no understanding of the IoT.
- 54 percent said they need additional digital skills in security to deliver successful IoT projects.
- 53 percent require investments to meet both physical and digital IoT security requirements.
- 38 percent have taken steps to protect their business against cyberattacks.
- 30 percent have given special consideration to network security as part of the development of their IoT solutions.
Many energy companies lack the security processes and skills to address IoT vulnerabilities, Inmarsat Enterprise Senior Director for Energy Chuck Moseley said in a prepared statement. However, energy companies that understand IoT security risks can deploy network infrastructure that ensures all endpoints are configured and protected.
How to Address IoT Security Risks
IoT security spending could reach $547 million next year, according to technology research firm Gartner. Meanwhile, Gartner has projected more than 25 percent of identified attacks in enterprises will involve the IoT by 2020, yet the IoT will account for less than 10 percent of IT security budgets at that time.
Various security risks associated with connected devices may put energy companies and other businesses in danger. Fortunately, there are many ways for businesses to address these rapidly evolving risks.
- Develop an effective password policy. IoT device passwords should be updated regularly. In addition, when crafting a password, it is important to avoid using common words and simple phrases and include a combination of uppercase and lowercase letters, numbers and symbols.
- Establish firewalls. Set up an IoT device on its own network and use network firewalls to stop traffic from unauthorized IP addresses.
- Choose industry-proven IoT devices. When possible, deploy IoT devices from manufacturers with a proven record of providing safe products.
- Apply security updates. Keep all IoT device software up to date and apply security patches.
The IoT is growing, and as such, the demand for IoT security services likely will increase over the next few years. MSSPs that can provide IoT security services can differentiate themselves from the competition and capitalize on the rising demand for connected devices.