Data Driven Futures

Businesses raise IoT cyberthreat fears

Written by Hannah McGrath
3/10/2019

Despite estimates suggesting that £595 billion will be spent this year on Internet of Things (IoT) technology, more than half of organisations are concerned that they are unprepared to counter the cyber threats they face from connected devices.

A survey of 1,800 IT security professionals by the Ponemon Institute for cyber security firm nCipher found that for those working in the manufacturing, finance and healthcare sectors in the UK, the top threat to IoT devices is having their function altered by a malicious third party, with 75 per cent citing hacking as their main concern.

A further 54 per cent said they were also concerned that attackers would be able to fully control the device remotely, while 68 per cent cited a fear that the hack could be achieved through malware or other attacks.

The study found that IoT is the fastest-growing trend driving public key infrastructure (PKI) application deployment – with 20 per cent growth over the past five years.

Recent estimates from analyst firm IDC suggested that businesses will be using more than 40 billion connected IoT devices by 2025.

The study also found that in the next two years, an average of 42 per cent of IoT devices will rely primarily on digital certificates for identification and authentication.

However, current levels of encryption for IoT devices, and for IoT platforms and IoT data repositories, stand at just 28 per cent and 25 per cent respectively, according to the study.

John Grimm, senior director of strategy and business development at nCipher Security, said: “The scale of IoT vulnerability is staggering – IDC recently forecasted that there will be 41.6 billion connected IoT devices by 2025, generating 79.4 zettabytes of data.

“There is no point in collecting and analysing IoT-generated data, and making business decisions based upon it, if we cannot trust the security of devices or their data – building trust starts with prioritising security practices that counter the top IoT threats, and ensuring authenticity and integrity throughout the IoT ecosystem.”