Tripwire, a software company, has announced the results of a study that evaluated the security of connected devices in enterprise environments in 2021, and it is not comforting.
The security of the Internet of Things and the Internet of devices is under threat
The survey, conducted by Dimensional Research, evaluated the views of 312 security professionals who manage the security of the Internet of Things (IoT) and Industrial Internet of Devices (IIoT) in their organizations.
According to the survey, 99% of security professionals report security issues with their IoT and IIoT devices, and 95% are concerned about the risks associated with these connected devices.
More than three-quarters of those surveyed said connected devices were struggling to fit into their existing security approach, and 88% required (or still need) additional resources to meet their IoT and IIoT security needs. This is of particular concern to those working in the industrial space, as 53% said they could not fully control the connected systems entering their controlled environment, and 61% had limited visibility of changes to security vendors in their supply chain.
“The industrial sector faces a new set of challenges when it comes to protecting the converged IT-OT environment”, said Tim Erlin, vice president of product management and strategy at Tripwire.
“In the past, cybersecurity has focused on IT assets such as servers and workstations, but the increased connectivity of systems requires industrial security professionals to expand their understanding of what is in their environment. You can’t protect what you don’t know”.
Practices and problems of security specialists
88% of the respondents comply with some standard or security structure, and most of them are checked for compliance with this structure. Even so, industry experts from the manufacturing, energy, agricultural, pharmaceutical, chemical, nuclear, oil and gas, and oil and gas industries believe that they will benefit from the expansion of the APCS safety standards.
97% are concerned about supply chain security, and 87% agree that existing IoT and IIoT security guidelines compromise the security of their supply chains.
Erlin added: “It is clear that managing supply chain risk is a top priority for industrial security teams, given the level of attacks we have seen this year. The risk of a large-scale supply chain is not new, so this should encourage companies to invest in resources that help maintain a safer environment”.
The survey showed that some organizations are already moving in the right direction. In light of recent developments, 59% of companies report that their budget for supply chain security management has increased over the past year.
In addition, 99% report that their security services already have a habit of denying employees requests to connect devices. 43% of respondents say they often do, indicating that work is already underway to maintain a smaller size of connected space and manage inventory on the network.