A recent survey of global IT and security
decision-makers found that companies are exposing themselves to greater risks
by excluding IT security teams from discussions on internet of things (IoT)
deployment plans.
Trend Micro, in collaboration with Vanson Bourne,
conducted online interviews with 1,150 IT and security decision-makers
about their roles in the decision-making process for implementing and deploying
IoT solutions. Participants represented organizations from Germany, France,
Japan, the UK and the US. Responses revealed that 79% of companies include the IT department when choosing industrial
IoT solutions, but only 38% consult their security teams.
The research also found that nearly 33% of
respondents reported that the person responsible for IoT security is unknown.
Yet participating organizations said that they had experienced an average
of three attacks on connected devices in the past year.
“It is remarkable how IT security teams are being
locked out of IoT projects, when this is clearly exposing organizations to
unnecessary cyber risk,” said Kevin Simzer, chief operating officer of Trend
Micro, in a press release.
“Our study shows too many organizations across
the globe don’t prioritize security as part of their IoT strategy, which leaves them
vulnerable. Unless security is addressed as part of the deployment, these
devices will remain exposed and vulnerable since, for the most part, they were
not designed to be updated or patched.”
While organizations
have spent more than $2.5 million on IoT initiatives over the past year, only
56% of new IoT projects include security solution input from the CISO.
No comments:
Post a Comment