News

Firm Says Nearly Half of Companies Can't Detect IoT Security Breaches

• By David Ramel
• 01/17/2019

With the Internet of Things (IoT) gaining prominence on multiple fronts, security still remains a big challenge, according to Gemalto.

The company on Tuesday published the results of a new study revealing serious security concerns in the IoT space, with one finding that almost half of companies are unable to detect an IoT device security breach. Gemalto describes itself as a "digital security" company and provides several IoT security solutions.

Titled "The State of IoT Security," the study is based on a survey of 950 IT and business decision makers with awareness of IoT in their organization, conducted in May and June 2018.

"Given the increase in the number of IoT-enabled devices, it's extremely worrying to see that businesses still can't detect if they have been breached," said Jason Hart, CTO, Data Protection at Gemalto, in a statement. "With no consistent regulation guiding the industry, it's no surprise the threats -- and, in turn, vulnerability of businesses -- are increasing. This will only continue unless governments step in now to help industry avoid losing control."

That call for government intervention constituted one of the key takeaways from the study as cited by Gemalto:

• 48 percent of businesses are unable to detect if any of their IoT devices suffers a breach.
• 79 percent call on governments globally to provide more robust guidelines on IoT security.
• 90 percent of companies believe IoT security is a big consideration for consumers.
• 14 percent of companies see this as an ethical responsibility three times more than a year ago (4 percent).
• 10 percent Increase of use of blockchain technology to help secure IoT data, services and devices (up from 9 percent to 19 percent).
• 97 percent see a strong approach to IoT security as a key competitive differentiator.

In addition to calling for more government overview, the study sees the emergence of blockchain technology as a means of IoT protection. Gemalto highlighted blockchain as a security tool back in 2016 in a post titled "A beginner's guide to blockchain. "A whole range of organizations have begun to see how blockchain could introduce new levels of trust and security to digital transactions," the 2016 article states.

As of May/June 2018, that seems to have happened.

"While the industry awaits regulation, it is seeking ways to address the issues itself, with blockchain emerging as a potential technology; adoption of blockchain has doubled from 9 percent to 19 percent in the last 12 months," Gemalto said. "What's more, a quarter (23 percent) of respondents believe that blockchain technology would be an ideal solution to use for securing IoT devices, with 91 percent of organizations that don't currently use the technology are likely to consider it in the future.

"As blockchain technology finds its place in securing IoT devices, businesses continue to employ other methods to protect themselves against cybercriminals. The majority (71 percent) encrypt their data, while password protection (66 percent) and two factor authentication (38 percent) remain prominent."

In addition to government regulation and blockchain as an IoT security tool, the report also touches upon IoT partnerships, changes in the enterprise due to the advent of IoT, spending on IoT security, encryption of IoT data and more.