Content, Channel partners, Content, Security Program Controls/Technologies, IoT, MSSP

Security Top Barrier to IoT Adoption, Trustwave Report Finds

Security concerns often prevent organizations from adopting Internet of Things (IoT) technologies, according to a survey conducted by Trustwave, a Top 100 MSSP that specializes in compliance, threat and vulnerability management services.

Key findings from Trustwave's "IoT Cybersecurity Readiness Report" included:

  • 64 percent of organizations have deployed some level of IoT technology, and 20 percent plan to do so in the next year.
  • 57 percent cited security concerns as the number one barrier to greater IoT adoption, followed by "not relevant to operations" (38 percent) and "lack of budget" (27 percent).
  • 49 percent have formal patching policies and procedures in place, and about one-third patch their IoT devices within 24 hours after a fix becomes available.
  • 34 percent periodically assess the IoT security risks posed by third-party partners, and 19 percent do not perform third-party IoT risk assessments.
  • 28 percent consider their IoT security strategy to be "very important" in comparison to other cybersecurity priorities.
  • 10 percent are "very" confident that they can detect and protect against IoT-related security incidents, and 62 percent are "somewhat" or "not" confident that they can do so.
  • Among organizations that have deployed IoT technologies, 61 percent have experienced an IoT-related security incident.

IoT security considerations often "take a back seat" to product features and timeliness, Trustwave indicated. However, organizations must allocate time and resources to consider security, or they risk malware infections, denial-of-service attacks and other cyberattacks on their IoT devices.

Trustwave IoT Security Recommendations

IoT-based attacks put an organization and its network infrastructure at risk, and Trustwave offered the following recommendations to assess security risks and implement effective IoT security plans:

  • Perform regular network scans.
  • Analyze IoT vendors before making new purchases.
  • Use IoT vendor risk management and security testing to identify vulnerabilities and weaknesses.
  • Update the default passwords on IoT devices to unique, complex passwords; this should be done after an organization identifies or installs IoT devices.
  • Develop a process to quickly patch IoT vulnerabilities.
  • Conduct proactive threat hunting.
  • Limit partner access to networks.

Many organizations lack the internal expertise or resources to manage their security in-house, Trustwave pointed out. As such, MSSPs can help these organizations identify IoT security risks and plan accordingly.

Global IoT Security Market Expected to Grow

The global IoT security market is expected to expand at a compound annual growth rate (CAGR) of 34.4 percent between 2017 and 2022, according to market research firm MarketsandMarkets. This sector also is projected to be worth more than $29 billion by 2022.

In addition, North America is the largest region in the global IoT security market, and network security is expected to hold the largest market share in this sector going forward, MarketsandMarkets stated.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.