A WEEK IN IoT — Hosting a lively webinar debate yesterday on LTE-M with Aeris and IoT Analytics, I couldn’t help noticing, says Jeremy Cowan, editorial director of IoT Now, how often the audience asked questions on how to secure the Internet of Things. It bore out the results of a new five-country survey.
Several questioners acknowledged that signal jammers and radio scanning of IoT connections are now regularly ‘a thing’. Maybe it shouldn’t be a surprise.
A survey by Netherlands-based Irdeto published recently revealed that 79% of manufacturing and production organisations have experienced an IoT-focused cyberattack in the past year. Let’s just take a moment to unpack that. Of 700 security decision-makers surveyed across healthcare, transport and manufacturing, nearly half (47%) had experienced operational downtime as a result of a cyberattack.
A survey shows that 79% of manufacturing and production organisations have experienced an IoT-focused cyberattack in the past year
The Irdeto Global Connected Industries Cybersecurity Survey of 700 security decision makers, showed the most common impacts were on operational downtime (47%), compromised customer data (35%) and compromised end-user safety (33%). These findings show unsecured IoT devices have a direct bearing on revenues as well as health & safety challenges.
It seems these organisations are aware of where the key cybersecurity vulnerabilities exist with their infrastructure. Prominent vulnerabilities within manufacturing and production businesses were in mobile devices and apps (46%). This was followed by the IT network (41%) and the organisation’s software (40%). As Irdeto says, if respondents are referring to the operations technology (OT) equipment software running the factory floor, that “could be hugely problematic”.
Awareness is not enough
Despite this awareness, 92% of respondents feel their organisation does not have everything it needs to address cybersecurity challenges. In all, 44% state that their company needs to implement a more robust security strategy.
This is followed by a need for additional expertise/skills to address all aspects of cybersecurity (42%) and a need for more effective cybersecurity tools (37%) within the organisation.
That’s before we start on device security …
These are just the weaknesses in the first link in IoT’s chain. What about when IoT devices are deployed? In the survey, 91% of manufacturers and 96% of users of IoT devices state that the cybersecurity of their IoT devices could be improved.
I’ve spoken before about the reputational damage to the Internet of Things that is surely coming if our industry fails to address these challenges. (See: Failing at the first hurdle: How IoT security risks derailing robotics before it ever goes mainstream) On this occasion, let’s just look at the average financial impact. According to the survey, the average cost to a manufacturing business of an IoT-focused cyberattack is shown to be more than US$280,000.
As Mark Hearn, director of IoT Security and Business Development at Irdeto says, there is an awareness of the cybersecurity challenges and impacts within the industry, but potentially a need to rethink strategies to mitigate the impact of potential cyberattacks. “Whatever the nature of the threat, industrial and manufacturing organisations must understand the scope of their current risk, ask hard cybersecurity-centric questions to vendors, and work with trusted advisors to safely embrace connectivity in their manufacturing process.”
Let’s end on a positive note; 99% of the manufacturing organisations surveyed agree that a security solution should be an enabler of new business models, not just a cost. This suggests that attitudes towards IoT security are changing for the better.
You can bet that IoT Now will be coming back to this subject regularly.
Click here to download the full report:
Methodology: ‘The Irdeto Global Connected Industries Cybersecurity Survey’ polled 700 security decision-makers across healthcare, transport and manufacturing, plus IT and technology (who manufacture IoT devices) industries. The research was fielded online by Vanson Bourne from March – April 2019 in China, Germany, Japan, UK and US.
The author is Jeremy Cowan, editorial director, IoT Now & www.IoTGlobalNetwork.com