Confidence in IoT security is seriously lacking among both consumers and businesses, Gemalto’s study finds.
Some nine out of ten consumers lack confidence in the security of IoT devices, according to new research from IT security company Gemalto, outlined in a new report, The State of IoT Security 2017.
And, along with business leaders, they’re looking to governments to fix the problem. More than two-thirds of consumers and almost 80 percent of organizations support government involvement in setting mandated IoT security standards, according to the study which polled over 10,000 consumers and over 1,000 IT and business decision makers.
For consumers, the main fear (cited by two-thirds of respondents) is hackers taking control of their device. This was a greater concern for them than data being leaked (60 percent) and hackers accessing personal information (54 percent).
The survey also found that while over half (54 percent) of consumers questioned own at least one IoT device — in fact, they own an average of two each — only 14 percent consider themselves ‘extremely knowledgeable’ when it comes to the security of these devices.
Calls for regulation
According to the survey, businesses are in favour of regulations to make it clear who is responsible for securing IoT devices and data at each stage of its journey (61 percent) and the implications of non-compliance (55 percent). In fact, almost every organisation (96 percent) and consumer (90 percent) is in favour of government-enforced IoT security regulation.
Businesses have found they require support when it comes to comprehending and deploying IoT technology, turning to cloud service providers (52 percent) and IoT service providers (50 percent) for expertise. The reasons they give are a lack of internal expertise and skills (47 percent), and to help facilitate and speed up their IoT deployments (46 percent).
“It’s clear that both consumers and businesses have serious concerns around IoT security and little confidence that IoT service providers and device manufacturers will be able to protect IoT devices and more importantly the integrity of the data created, stored and transmitted by these devices,” said Jason Hart, chief technology officer, Data Protection at Gemalto.
“With legislation like GDPR (General Data Protection Regulation) showing that governments are beginning to recognize the threats and long-lasting damage cyber attacks can have on everyday lives, they now need to step up when it comes to IoT security. Until there is confidence in IoT amongst businesses and consumers, it won’t see mainstream adoption.”