A recent Omdia-Syniverse IoT Enterprise survey notes security as the biggest hurdle to IoT growth, with 50% of respondents stating the ability to ensure data, network, and device security as their top concerns. Even our government prioritized security near the top, recently putting the Internet of Things (IoT) Cybersecurity Improvement Act into law. But hackers are still making hay while the sun shines.
IoT security vulnerabilities come in many shapes and sizes, spanning verticals and posing threats at the user, device, and network levels. Take healthcare, for example. As of March 2019, some 60% of healthcare organizations introduced IoT devices into facilities. Nearly 90% of healthcare firms plan to implement IoT tech this year. According to the Herjavek Group, 57% of healthcare organizations have experienced more than five data breaches over the last three years. And over 95% of healthcare organizations have experienced at least one data breach in that time.
Inconsistent device production standards paired with poor maintenance and updates are providing fertile ground for nefarious acts. With the abovementioned legislation in place, manufacturers are tasked with meeting more rigorous NIST standards and better-communicating information on device end of life or length of support, how customers can report vulnerabilities, and update availability.
Preventing your organization from becoming front-page news means ensuring there is no weakest link. According to Cybercrime on average, each medical device possesses 6.2 vulnerabilities, offering hackers easy access to a hospital network and critical data. The FDA and DHS noted third-party communications software was a prevalent access point pre-pandemic. The mass migration of the workforce home didn’t help matters, as now the theater of attack vectors increased dramatically. Your Alexa is a much easier target than you think.
At the user level, mitigating risk starts with a strong password. In 2019, 80% of data breaches were caused by password compromise. Fun fact: the average person reuses the same password 14 times. Nearly 50% of workers use the same passwords for both work and personal accounts. Complexity is your friend when creating your password.
Now that we’ve laid out some of the scary truth, let’s talk solutions.
The modern cat and mouse game of security is something Tom and Jerry would admire, but it is no laughing matter. Each connection – personal or business – can open a gateway with no way of recouping from the consequences.