Do not neglect security in the IoT environment

The new Kaspersky study "With superpower comes super responsibility: Benefits and challenges of IoT in business." shows that companies and organizations are increasingly concerned with IT security challenges affecting the Internet of Things (IoT). For example, 28% of respondents from diverse industries (Kaspersky_Infographic IoT Report Industries) report having experienced security issues related to the use of IoT platforms in 2019. In addition, connected devices and sensors transmit data in the terabyte range.

Addressing security aspects of IoT implementation

The study also shows that organizations should primarily focus on their own partner systems, as 36% of all companies reported granting third parties access to IoT platforms - a much higher figure than for production (23%) or ERP software (30%).

"IoT platforms can provide a powerful boost to one's business. But to reap the benefits, companies need to put in a considerable amount of effort. Effective application of the Internet of Things requires very specific business processes and expertise," says Grigory Sizov, head of the KasperskyOS business unit. "Our study shows that the security question must be answered in the IoT environment as well. Among other factors, the issue here is equipment security, technical as well as organizational protection measures, and data protection. It is important to consider security issues at an early stage of IoT implementation. To support our customers in this task, we at Kaspersky are working to further develop IoT security solutions and related expertise."

"In 2020, we will see more decentralized systems in the Industrial Internet of Things (IIoT) space that seek to take advantage of technologies such as DLT (distributed ledger technology) and artificial intelligence," said Richard Soley, executive director, Industrial Internet Consortium. "Certifiable models based on, for example, the IIC (Industrial Internet Consortium) reference architecture, connectivity architecture, trustworthiness and other outcomes are already driving international standards."

Tips for secure IoT deployment in the enterprise

Kaspersky recommends that companies consider the following points for secure and successful IoT use:

• Before using networked devices, their security must be evaluated. Do the devices have security certificates? Is the manufacturer known for its attention to information security?
• The team responsible for IT security should have up-to-date threat intelligence. Security audits must be performed on a regular basis.
• Appropriate and rapid incident response requires that procedures are in place to ensure that knowledge of significant security vulnerabilities in software and applications, as well as available updates, is always available.
• Deploy cybersecurity solutions that can analyze network traffic and detect and prevent potential attacks on IoT devices. The findings can then be incorporated into the company's complete network security system.
• Only IoT devices that are specifically designed for security should be used. Solutions are available on the market that ensure a secure gateway and protect all connected devices and the complete IoT system.

Nearly 5,000 business decision makers in 23 countries were surveyed for the Kaspersky study. In addition, insights from the Kaspersky ICS CERT were used to gain insight around the current IoT threat landscape.

Source: Kaspersky