Europe falls behind US in adoption of AI-led security, as half of firms surveyed say IoT is making it harder to stay secure

IoT (Internet of Things) strategies are hampering security management, with almost half (47%) of executives in a new survey saying it has become more difficult to stay secure in the last year. This is one of the key findings of the 2017-2018 Global Application and Network Security Report, just released by Radware®, a provider of cyber security and application delivery solutions.

Adding to the problem is the complex issue as to who is responsible for IoT securityWhen asked who needs to take responsibility, there was no clear consensus among security executives. Responses pinned responsibility on the organisations managing the network through to the manufacturers, but the majority said it was down to consumers using these devices (56%).

Andrew Foxcroft, regional director for Radware UK, Ireland and Nordics, says that its time companies closed the debate and assume responsibility themselves: “Everything that is attached to the network is a threat to security. The longer we debate who is responsible the more advantage we hand to the hackers who will do everything that can to exploit weaknesses.

“Governments of the world are taking more and more interest in IoT and if companies fail to be decisive, take responsibility and collaborate on security, legislation will make the decision for them – look at Germany’s decision to ban smart toys.

Lazy assumption

“It’s lazy to assume consumers will think about security. We already know people find it challenging to keep up with software updates and are unlikely to think through the risks regardless of the terms and conditions they sign up to. The network is only as strong as its weakest link and the sooner companies realise IoT devices are the weakest link, and that the buck will always stop with them, the better.”

The study also found that the percentage of companies reporting financially motivated cyber-attacks has doubled over the past two years, with 50% of surveyed companies experiencing a cyber-attack motivated by ransom in the past year. As the value of bitcoin and other cryptocurrencies – often the preferred form of payment among hackers – has appreciated, ransom attacks provide an opportunity for hackers to cash out for lucrative gains months later.

Cryptocurrencies help hackers

“The rapid adoption of cryptocurrencies and their subsequent rise in price has presented hackers with a clear upside that goes beyond cryptocurrencies’ anonymity,” adds Foxcroft. “Paying a hacker in these situations not only incentivises further attacks, but it provides criminals with the vital funds they need to continue their operations.”

Andrew Foxcroft

The number of companies that reported ransom attacks in which hackers use malware to encrypt data, systems, and networks until a ransom is paid – surged in the past year, increasing 40% from the 2016 survey. Companies don’t expect this threat to go away in 2018 either. One in four executives (26%) see ransom as the largest threat to their business sector in the coming year.

“Criminals used various exploits and hacks this year to encrypt vital systems, steal intellectual property, and shut down business operations, all with ransom demands attached to these actions,” Foxcroft said. “Between service disruptions, outages, or intellectual property theft, hackers are leaving businesses reeling, searching for solutions after a hack occurs. As hackers and their methods become increasingly automated, it is now more important than ever for organisations to be proactive in protecting their business.”

Other key findings of the report include:

  • Businesses are most concerned with their data when hit with a cyber-attack. Respondents noted that data leakage was their top business concern, followed by reputation loss and service outages. Yet with five months to go until GDPR comes into force, only 28% say their organisation is very or well prepared for GDPR, and another third feel somewhat prepared. Not surprising, those in Europe are more likely to say they are very well or well prepared compared to those in North America (35% vs. 25%), while one in four in North America are completely unfamiliar with GDPR.
  • Despite one in four (24%) businesses reporting cyber-attacks daily or weekly, nearly 80% of surveyed organisations have not come up with a calculation for the cost of attacks, and one in three lack a cyber security emergency response plan.
  • One-fifth already rely on machine learning and a quarter plan to integrate it in the next 12 months. However, Europe is falling behind the US and Asia Pacific in the adoption of artificial intelligence. In the US 58% of companies already rely or plan to integrate artificial intelligence, with a similar story in the Asia Pacific region (54%), but in Europe 62% neither rely nor plan to use artificial intelligence.
  • To help bolster defences, a third of companies (29%) in Europe and 41% in the US are now open to including hackers in their IT security teams.

Radware’s Global Application and Network Security Report, now in its seventh year, is a cross-industry report compiled by Radware’s Emergency Response Team (ERT), leveraging vendor-neutral survey data from 605 IT executives spanning several industries around the globe, Radware’s hands-on experience handling today’s leading threats, as well as third-party service provider commentary.

The complete Global Application & Network Security Report 2017-2018, which details 2017’s major attack trends and provides predictions and recommendations from Radware’s ERT for how organisations can best prepare for mitigating cyber threats in 2018, can be downloaded here.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Infineon and Rainforest Connection create real-time monitoring system to detect wildfires

Posted on: October 22, 2021

Munich and San Jose, California, 21 October, 2021 – Infineon Technologies AG a provider of semiconductors for mobility, energy efficiency and the IoT, announced a collaboration with Rainforest Connection (RFCx), a non-profit organisation that uses acoustic technology, Big Data and Artificial Intelligence / Machine Learning to save the rainforests and monitor biodiversity.

Read more

Infineon simplifies secure IoT device-to-cloud authentication with CIRRENT Cloud ID service

Posted on: October 21, 2021

Munich, Germany. 21 October 2021 – Infineon Technologies AG launched CIRRENT Cloud ID, a service that automates cloud certificate provisioning and IoT device-to-cloud authentication. The easy-to-use service extends the chain of trust and makes tasks easier and more secure from chip-to-cloud, while lowering companies’ total cost of ownership. Cloud ID is ideal for cloud-connected product companies

Read more