Less Than One-Third of Organizations Prepared for IoT Security Risks, Survey Finds
Nearly half of the respondents expect the number of IoT devices on their networks to increase by at least 37% in 2017.
PORTLAND, Ore. — Tripwire, a provider of network security and compliance solutions, announced the results of a survey of more than 220 information security professionals who attended Black Hat USA 2016, an annual computer security conference.
When asked if their organizations are prepared for the security risks associated with Internet of Things (IoT) devices, less than one-third (38%) of the respondents said, “yes.” In addition, only 34% of the respondents believe their organizations accurately track the number of IoT devices on their networks.
According to Cisco, the number of connected devices is projected to increase to more than 50 billion by 2020. Despite their popularity, IoT devices present significant and unique security risks to consumers and businesses. For example, Arbor Networks recently reported that distributed denial of service (DDoS) attacks have grown both in size and frequency, due in part to the rising number of connected devices.
“The Internet of Things presents a clear weak spot for an increasing number of information security organizations,” says Tim Erlin, director of IT security and risk strategy for Tripwire. “As an industry, we need to address the security basics with the growing number of IoT devices in corporate networks. By ensuring these devices are securely configured, patched for vulnerabilities and being monitored consistently, we will go a long way in limiting the risks introduced.”
Additional findings from the survey included:
78% of respondents are concerned about the weaponization of IoT devices in the use of DDoS attacks.
Nearly half (47%) of respondents expect the number of IoT devices on their networks to increase by at least 30% in 2017.
Only 11% of respondents consider DDoS attacks one of the top two security threats their organizations face.
“The large number of easily compromised [IoT] devices will require a new approach if we are to secure our critical networks,” says Tripwire CTO Dwayne Melancon. “Organizations must respond with low-cost, automated and highly resilient methods to successfully manage the security risk of these devices at scale.”
Black Hat USA 2016 was held July 30-Aug. 4 in Las Vegas
Source | securitysales