Dramatic increase in IoT-related data breaches due to unsecured devices

News by Robert Abel

Ponemon study finds increase in IoT-related data breaches specifically due to unsecured IoT devices accounting for 26 percent of incidents, up from 15 percent,

A recent Ponemon Institute study found that there has been a dramatic increase in IoT-related data breaches specifically due to an unsecured IoT device or application since 2017.

The study found these breaches account for 26 percent of incidents, up from 15 percent, although the actual number may be greater as most organisations aren’t aware of every unsecured IoT device, application, or third party platform, according to the firm’s "Third Annual Party IoT Risk: Companies Don’t Know What They Don’t Know" report.

Researchers found respondents’ companies experienced a data breach were up from 14 percent and 18 percent respectively in the previous year’s findings as 18 percent of them reported incidents while 23 percent experienced a cyber-attack caused by a third party’s unsecured IoT devices in the last year.

And the study found staffing an budgets aren’t adequate to manage third party IoT risks as respondents agreed third party risk management (TPRM) programs should include IoT risks in order to evolve and mature their practices.

Future prospects look bad as well, with 87 percent of respondents believing it’s likely their own organisations will experience a cyber-attack caused by unsecured IoT devices or applications in the next 24 months, and 84 percent expecting their organisations will experience a data breach due to the same threats.

The study also noted the an accountability gap with less than half of company board members approving programmes intended to reduce third party risk and only 21 percent of board members highly engaged in security practices and understanding third party and cyber-security risks in general.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop