Is the Internet of Things safe? A new survey from the Information Systems Audit and Control Association (ISACA) suggests a major confidence gap about the security of connected devices between consumers and cybersecurity and information technology professionals.
According to the consumer segment of the global cybersecurity association’s 2015 IT Risk/Reward Barometer, 81 percent of Indian consumers surveyed are confident they can control the security on the Internet of Things (IoT) devices they own.
Yet according to the 7,016 IT and cyber security professionals globally who responded to a parallel survey, only 22 percent feel this same confidence about controlling who has access to information collected by IoT devices in their homes, and 72 percent say manufacturers are not implementing sufficient security in IoT devices.
Indian consumers say the average number of IoT devices in their home is seven. Smart TVs, smart watches and connected home alarm systems are the most wanted IoT devices to get in the next 12 months.
Hidden Internet of Things
ISACA’s survey of IT and cybersecurity professionals globally depicts an IoT that flies below the radar of many IT organizations – an invisible risk that is underestimated and under-secured:
• 73 percent estimate the likelihood of an organization, being hacked through an IoT device is medium or high;
• 63 percent think that the increasing use of IoT devices in the workplace has decreased employee privacy;
• 50 percent say their organization’s BYOD (bring your own device) policy does not address wearable tech.
“In the hidden Internet of Things, what is also invisible are the countless entry points that cyber attackers can use to access personal information and corporate data,” said Christos Dimitriadis, International President, ISACA.
“The rapid spread of connected devices is outpacing an organization’s ability to manage and safeguard company and employee data,” he said.
According to the cybersecurity and IT professionals surveyed, device manufacturers are falling short. Seventy two percent say they do not believe that manufacturers are implementing sufficient security measures in IoT devices.
“As the usage of IoT devices increases in India, it is important that device manufacturers adopt an industry-wide security standard that addresses IoT security. They need to install rigorous security governance and professional development for their cybersecurity employees. This move will further boost the acceptance of IoT in the country, as research shows there is a direct relation between positive customer sentiment and companies that can demonstrate credentials,” said Avinash Kadam, Advisor – ISACA India Cybersecurity Initiative. fii-news.com