Keyfactor Finds 97% of Organizations Struggle to Secure IoT and Connected Devices

Earlier this year, I covered how software company and IoT identity platform Keyfactor officially joined the Connectivity Standards Alliance, furthering its approach to trust and authentication implementation between interconnected IoT devices and applications. With decades of cybersecurity experience under its belt, Keyfactor has become trusted by more than 1,500 enterprises around our hyper-connected world.

In its efforts to continue securing every device, workload and digital interaction (and to stay in touch with current research on identity-first security solutions), Keyfactor and market research company Vanson Bourne have released new findings from a survey that examined the state of IoT security for both manufacturers and end users alike. The report, titled “Digital Trust in a Connected World: Navigating the State of IoT Security,” put a spotlight on huge concerns and challenges that modernized businesses face as they establish digital trust throughout today’s interconnected industries.

Methodology-wise, the study surveyed 1,200 IoT and connected products professionals across North America, EMEA, and APAC. All respondents, according to Vanson Bourne, had responsibility or knowledge of IoT or connected products within their organization (including OEMs).

The survey’s biggest takeaways?

• 97% of those organizations are struggling to secure their IoT and connected products.
• 98% of them have experienced certificate outages over the last 12 months, costing an average of $2.2 million.

As stated, that is huge. No two ways about it.

Ellen Boehm, Keyfactor’s Senior Vice President of IoT Strategies and Operations, is in agreement:

“Organizations worldwide are under mounting pressure to ensure that each and every connected device is protected while simultaneously navigating increasingly complex digital landscapes that require complete trust,” Boehm said. “The results of this survey confirm that, and they demonstrate the importance of identity-first security for those who manufacture IoT devices and for those who deploy and operate them.”

Other themes and findings from the survey included the following:

• 89% of survey respondents’ organizations that operate and actively use IoT and connected products have been hit by cyber attacks at an average cost of $250,000.
• 69% have seen an increase in cyber attacks, wherein 48% strongly believed that the manufacturer should be “at least mostly responsible for cyber breaches on their products.”
• 4 in 10 organizations reported that they would benefit from using a PKI to issue digital identities on the IoT/IIoT devices in their environment.
• 52% of the budgets being allocated to IoT security are at risk to cover additional security costs, signaling the need for change as IoT proliferates, as a whole.

“Ensuring that IoT device security is managed throughout its entire lifecycle will go a very long way in both eliminating costly certificate outages and enhancing the long-term viability of IoT within the enterprise,” Boehm added.

While connectivity is the lifeblood of IoT, security is certainly the muscle; the shield that ensures strategies are up to par, and that proper education and support is available to those in need of security guidance.