IoT attacks - more planning required

Fewer than half of cybersecurity professionals have a plan in place to deal with IoT attacks, despite the fact that ninety percent worry about future threats.

Fewer than half (47%) of cybersecurity professionals have a plan in place to deal with attacks on their IoT devices and equipment, despite that fact that nine out of ten express concerns over future threats, according to new research from the Neustar International Security Council (NISC).

These findings come at a time in which 48% of organisations admitted to experiencing a cyberattack against their IoT or connected devices and equipment in the last year alone. Just over a quarter (27%) reported feeling ‘very confident’ that their personnel would know how to protect against such attacks, while 38% claimed they are currently in the process of developing a plan.

“With IoT devices and equipment now being such a fundamental part of business, organisations are continuing to connect more devices to their networks, resulting in an increased attack surface. This not only opens businesses up to more attacks, it also gives malicious actors new opportunities to breach security systems,” said Rodney Joffe, Chairman of NISC and, Security CTO at Neustar. “In most cases, IoT devices have been built by third party vendors, meaning that the companies using these IoT devices do not have the knowledge of how they have been created or what security measures they have in place.”

“It’s crucial, therefore, to understand that the IoT has essentially been built on top of infrastructure that is vulnerable, making every organisation a target. Recognising exactly what data needs protecting is a key factor for developing an organised and cohesive security strategy. This way businesses can successfully focus on their more vulnerable data, processes and models – guarding valuable information from any and all IoT attacks moving forward. On a more granular level, businesses must ensure the appropriate controls are in place for threat vulnerability and patch management while also ensuring that important data is identified and encrypted,” added Joffe.

International Cyber Benchmarks Index to Sep 2019

The latest NISC report also found threats are continuing to elevate across vectors. The International Cyber Benchmarks Index, which reflects the overall state of the cybersecurity landscape, has followed a steady upward trajectory since its inception, reaching a new record of 26.9 in September 2019. 

The NISC survey asked security professionals to rank a list of cyberthreats from highest concern to lowest concern. System compromise was reported as the top concern by 22% of respondents, edging out distributed denial of service (DDoS) attacks (21%) and ransomware (20%).

Social engineering via email was most likely to be perceived as a growing threat (55% of respondents reported seeing an increase in July/August 2019), followed by DDoS attacks and ransomware (both 54%) and generalised phishing (53%).

GenAI is poised to transform healthcare, but aligning strategies and addressing challenges remain...
A new survey unveils growing consumer comfort with personal AI assistants for daily tasks,...
Q.ANT announces groundbreaking funding for its photonic processors, offering a sustainable and...
Civo introduces relaxAI API, offering UK organizations cost-effective and compliant generative AI...
KIOXIA Europe introduces the revolutionary 245.76TB NVMe SSD in its LC9 Series, setting new...
AI agents are transforming business operations, but their high failure rates highlight a critical...
Artificial intelligence is transforming predictive maintenance in the power industry, optimizing...
AI is widely adopted but lacking governance in UK enterprises. Only 7% have comprehensive...