IoT attacks - more planning required

Fewer than half of cybersecurity professionals have a plan in place to deal with IoT attacks, despite the fact that ninety percent worry about future threats.

  • 5 years ago Posted in

Fewer than half (47%) of cybersecurity professionals have a plan in place to deal with attacks on their IoT devices and equipment, despite that fact that nine out of ten express concerns over future threats, according to new research from the Neustar International Security Council (NISC).

These findings come at a time in which 48% of organisations admitted to experiencing a cyberattack against their IoT or connected devices and equipment in the last year alone. Just over a quarter (27%) reported feeling ‘very confident’ that their personnel would know how to protect against such attacks, while 38% claimed they are currently in the process of developing a plan.

“With IoT devices and equipment now being such a fundamental part of business, organisations are continuing to connect more devices to their networks, resulting in an increased attack surface. This not only opens businesses up to more attacks, it also gives malicious actors new opportunities to breach security systems,” said Rodney Joffe, Chairman of NISC and, Security CTO at Neustar. “In most cases, IoT devices have been built by third party vendors, meaning that the companies using these IoT devices do not have the knowledge of how they have been created or what security measures they have in place.”

“It’s crucial, therefore, to understand that the IoT has essentially been built on top of infrastructure that is vulnerable, making every organisation a target. Recognising exactly what data needs protecting is a key factor for developing an organised and cohesive security strategy. This way businesses can successfully focus on their more vulnerable data, processes and models – guarding valuable information from any and all IoT attacks moving forward. On a more granular level, businesses must ensure the appropriate controls are in place for threat vulnerability and patch management while also ensuring that important data is identified and encrypted,” added Joffe.

International Cyber Benchmarks Index to Sep 2019

The latest NISC report also found threats are continuing to elevate across vectors. The International Cyber Benchmarks Index, which reflects the overall state of the cybersecurity landscape, has followed a steady upward trajectory since its inception, reaching a new record of 26.9 in September 2019. 

The NISC survey asked security professionals to rank a list of cyberthreats from highest concern to lowest concern. System compromise was reported as the top concern by 22% of respondents, edging out distributed denial of service (DDoS) attacks (21%) and ransomware (20%).

Social engineering via email was most likely to be perceived as a growing threat (55% of respondents reported seeing an increase in July/August 2019), followed by DDoS attacks and ransomware (both 54%) and generalised phishing (53%).

Beacon, NY, Dec 20, 2024– DocuWare unveils its AI-powered Intelligent Document Processing...
85% of IT decision makers surveyed reported progress in their companies’ 2024 AI strategy, with...
Lopitaux joins as global companies embrace GenAI solutions at scale and look to build their own...
Predictive maintenance and forecasting for security and failures will be a growing area for MSPs...
NVIDIA continues to dominate the AI hardware market: powering over 2x the enterprise AI deployments...
Hitachi Vantara survey finds data demands to triple by 2026, highlighting critical role of data...
81% of enterprises plan to increase investments in AI-powered IT operations to accelerate...
Hitachi Vantara survey finds data demands to triple by 2026, highlighting critical role of data...