Ponemon Institute and Shared Assessments Find IoT Risks


Ponemon Institute, an independent research firm that focuses on privacy, data protection and information security policy, and Shared Assessments Program, the industry-standard body on third party risk assurance, released their findings from their annual survey, “The Internet of Things (IoT): A New Era of Third Party Risk.

The report was distributed to understand organizations’ level of awareness and preparedness for the upcoming enterprise IoT wave. Participants were asked to evaluate their perception of IoT risks, the state of current third party risk management programs and their companies’ current governance practices to defend against cyber attacks.

“More and more enterprises are turning to IoT to improve business outcomes and this growth is creating a breeding ground for cyber attacks,” said Dr. Larry Ponemon, chairman and founder, the Ponemon Institute. “What’s shocking about these findings is the complete disconnect between understanding the severity of what a third party security breach could mean for businesses, and the lack of preparedness and communication between departments.”

What did they find? The findings uncovered a high rate of concern among organizations about the security of IoT. The respondents felt a gap in understanding of how to mitigate and communicate the risks, especially as it relates to third parties.

The survey found that 76 percent say a DDoS attack involving an unsecured IoT device is likely to occur within the next two years. 94 percent of those surveyed noted that a security incident related to unsecured IoT devices or applications could be catastrophic. Also 69 percent of respondents do not keep their CEO and board informed about the effectiveness of the third party risk management program. 44 percent say their organization has the ability to protect their network or enterprise systems from risky IoT devices. 77 percent of respondents are not considering IoT-related risks in their third party due diligence. 67 percent of those surveyed are not evaluating IoT security and privacy practices before engaging in a business relationship.

“Ready or not, IoT third party risk is here. Given the proliferation of connected devices, today’s cyber climate is evolving and organizations have to shift their focus to the security of external parties, now more than ever,” said Charlie Miller, senior vice president, Shared Assessments Program. “In order to avoid becoming the next big headline, our security tactics have to evolve along with the threats. New technology and practices are needed to ensure security, and this starts by communicating the risks to the right people and acknowledging potential devastating outcomes when engaging with a third party. Avoiding these problems can no longer be the solution.”     

The partnership of the Ponemon Institute and Shared Assessments Program is making sure that organizations are as prepared as possible to defend themselves against security threats that are associated with using the IoT.

Edited by Ken Briodagh
Related Articles

Two Israel-based Global Enterprise 5G Innovator Announce Integration Supporting Industry 4.0 Solutions

By: Arti Loftus    6/23/2021

As businesses continue to drive forward with IoT, Industrial IoT, automated systems, edge computing programs, and infrastructure innovation, the deman…

Read More

Mavenir and MobiledgeX Enable Global Edge Connectivity with Deutsche Telekom

By: Arti Loftus    6/22/2021

As the "telco-cloud" world moves rapidly toward cloud-native edge-to-edge orchestrated solutions, ecosystems are hard at work collaborating on concept…

Read More

As IoT Continues to Evolve, The Growth of Analytics Gains Unstoppable Momentum

By: Juhi Fadia    6/22/2021

Can IoT "operating systems" and related networks ever be too smart? Senet and SenRa don't think so, and last week announced that the two companies hav…

Read More

MachineMetrics Announces $20M Series B Funding Round

By: Arti Loftus    6/17/2021

The growth of applications designed to further automate and optimize manufacturing operations continues unabated given the success of modernization pr…

Read More

New Statistics from The Eclipse Foundation Indicate that Edge Computing Adoption Continues to Boom

By: Matthew Vulpis    6/14/2021

The Eclipse Foundation, one of the world's largest open-source foundations, recently announced the availability of its 2021 IoT and Edge Commercial Ad…

Read More