IoT security provider Viakoo released new findings from its “2024 IoT Security Crisis: By the Numbers” report. This survey is designed to uncover insight from IT and security exec, expose a dramatic surge in enterprise IoT security risk and highlight a critical missing piece in the IoT security stack.
As cybersecurity threats grow – and remote/hybrid work scenarios continue to increase – IoT systems remain vulnerable due to missing pieces in enterprise technology stacks. In surveying IT leaders across a range of organizations, Viakoo noted that poor IoT security is causing issues:
- 95 percent of IT leaders have an IoT security plan in place, but only 51 percent feel confident in their efforts
- 55 percent of IoT cyber incidents could have been prevented with better security measures.
- 50 percent of IT leaders say IoT is the weakest part of their security.
- 50 percent of companies have experienced an IoT cyber incident in the past 12 months, of which 44 percent were serious and 22 percent threatened business operations.
Additionally, while IT leaders are focused on improving IoT security, their current security stacks are missing key pieces:
- 90 percent of IT leaders believe that agentless security solutions are the foundation for successful IoT security.
- 93 percent of IT leaders use agentless network-based asset discovery to remediate vulnerability, but only 35 percent feel successful in doing so.
- 71 percent of IT leaders wish they started their IoT security plans differently to more quickly remediate vulnerabilities.
- 83 percent of IT leaders agree that their attack surface grew one application at a time, and should be remediated one application at a time.
“The IoT attack surface was built one application at a time, and is growing one application at a time,” said Viakoo CEO, Bud Broomhead. “Viakoo’s 2024 IoT Security Crisis: By the Numbers findings reinforce the criticality of securing IoT infrastructure one application at a time, and in an automated and rapid fashion.”
Based on survey results, top emerging IoT threats for IT professionals include data breaches (69 percent), ransomware attacks (60 percent), supply chain attacks (45 percent) and DDoS attacks (42 percent).
While IT leaders resoundingly plan to increase spending on security stacks in the following year, but feel that they lack the knowledge and confidence to make informed decisions, with:
- 87 percent of companies having spent more on IoT security in 2023 than 2022.
- 89 percent of companies planning to allocate more on IoT security in 2024 than 2023.
- 63 percent of boards feeling they have enough information on IoT security to make informed decisions.
While there is board-level visibility into IoT security – and internal discussions between the managers of IoT systems – most organizations lack the proper technology solutions, reporting and governance needed to ensure that IoT systems are always visible, operational and secure.
The report yielded responses from 150 U.S. IT leaders at companies that use IoT. An independent research firm conducted the survey in November 2023.
Contact Viakoo to request the full survey.