A lack of security standards in the Internet of Things (IoT) leaves many devices open to vulnerabilities, according a new survey of more than 7,000 IT professionals from global cybersecurity association ISACA.
75 per cent of those polled said they thought device manufacturers were not implementing sufficient security measures devices and a further 73 per cent said existing security standards are inadequate.
The findings are considered to be especially concerning given that the IoT is estimated to expand rapidly from 1.2 billion devices in 2015 to 5.4 billion connected devices by 2020.
“With the explosion in popularity and hype around the Internet of Things, it is proving difficult for manufacturers and organisations to keep up with the clear realities and implications for security the IoT represents,” said former ISACA vice president Ramsés Gallego.
“What is being created, along with the physical object like a thermostat, smartwatch or connected alarm system, are the countless entry points that cyberattackers can use to access personal information and corporate data.
“The rapid spread of connected devices is outpacing an organisation’s ability to manage it and to safeguard company and employee data. We need to change that so we can reap the many benefits of the IoT.”
Only 51 per cent said they were confident that their company was prepared for a cyber-attack on their systems.
The survey did not yield solely negative responses however, with many praising the benefits of the IoT.34 per cent say they have achieved greater access to information as a result of the IoT, and 29 per cent say IoT has improved services at their organisation.
The survey report notes that the business risk of not embracing the IoT and falling behind competitors may well outweigh any potential cost of a cyberattack, although organisations need to manage the risk to achieve the most benefit.
Smart home purveyor Nest recently unveiled its Weave platform that will allow devices to speak directly with one another without a connection to the internet. The company claimed that the new platform had been designed with security in mind.