IT leaders could be dangerously underestimating the security risks posed by IoT, according to new research from Trend Micro.
The security vendor polled 1150 IT and security decision-makers in the UK, Germany, the US, Japan and France.
Despite businesses spending an average of over $2.5m each year on IoT projects, they don’t appear to be investing in cybersecurity.
Even though 63% of respondents agreed that IoT-linked attacks have increased over the past year, just half (53%) think they’re a threat to their organization.
This might explain why over two-fifths (43%) regard IoT security as an afterthought, and just 38% get security teams involved in the implementation process for new projects. This drops even further for smart factory (32%), smart utility (31%) and wearable (30%) projects.
Responding organizations suffered an average of three attacks on connected devices over the past year, according to Trend Micro.
“The embedded operating systems of IoT devices aren’t designed for easy patching, which creates a universal cyber risk problem,” said the firm’s COO, Kevin Simzer. “The investment in security measures should mirror the investment in system upgrades to best mitigate the risk of a breach that would have a major impact on both the bottom line and customer trust.”