Security in IoT top concern for ME consumers
DUBAI, October 31, 2017
Eighty-one per cent of Middle East consumers view security as a key consideration while using Internet of Things (IoT) devices, said Gemalto, a world leader in digital security.
This comes as the majority of consumers and organizations in the region support government regulations in setting IoT security, said Sebastien Pavie, regional director META, Enterprise & Cybersecurity at Gemalto.
“It’s clear that both consumers and businesses in the Middle East have serious concerns around IoT security and little confidence that IoT service providers and device manufacturers will be able to protect IoT devices and more importantly the integrity of the data created, stored and transmitted by these devices,” said Pavie.
“With legislation like NESA showing that governments are beginning to recognize the threats and long-lasting damage cyber-attacks can have on everyday lives, they now need to step up when it comes to IoT security. Until there is confidence in IoT amongst businesses and consumers, it won’t see mainstream adoption.”
The current state of play in IoT security
Consumers’ main fear (cited by 67 per cent of respondents) is the concern than their data will be leaked and 65 per cent are concerned that hackers could control their IoT devices. Almost half (49 per cent) of Middle East consumers are concerned that a hacker could access their personal information through IoT devices.
Despite more than three quarters (78 per cent) of consumers in the region owning an IoT device, just 21 per cent believe that they are extremely knowledgeable when it comes to the security of these devices, showing education is needed among both consumers and businesses.
In terms of the level of investment in security, the survey found that IoT device manufacturers and service providers spend just 12 per cent of their total IoT budget on securing their IoT devices. The study found that these companies do recognize the importance of protecting devices and the data they generate or transfer with 48 per cent of Middle East companies adopting a security by design approach.
Over half (55 per cent) of Middle East organizations encrypt all data it captures or stores via IoT devices with 47 per cent encrypting the data as soon as it reaches their IoT device, while 44 per cent as it leaves the device. All Middle East (100 per cent) companies reported that they also see an increase in sales or product usage after implementing IoT security measures.
Support for IoT security regulations gains traction
According to the survey, businesses are in favour of regulations to make it clear who is responsible for securing IoT devices and data at each stage of its journey (74 per cent) and the implications of non- compliance (52 per cent). In fact, all organizations in the Middle East (100 per cent) and most consumers (93 per cent) believe there is a need for IoT security regulations – and want government involvement.
Lack of end-to-end capabilities leading to partnerships
Encouragingly, businesses are realizing that they need support in understanding IoT technology and are turning to partners to help, with IoT service providers (66 per cent) and cloud service providers (44 per cent) as the favoured options. When asked why, the top reason was wanting to receive an end-to-end solution (50 per cent), followed by needing help in facilitating and speeding up their IoT deployment (48 per cent) and filling their expertise and skills gaps (44 per cent).
While these partnerships may be benefiting businesses in adopting IoT, organizations admitted they don’t have complete control over the data that IoT products or services collect as it moves from partner to partner, potentially leaving it unprotected.
“The lack of knowledge among both the business and consumer worlds is quite worrying and it’s leading to gaps in the IoT ecosystem that hackers will exploit,” Pavie said.
“Within this ecosystem, there are four groups involved – consumers, manufacturers, cloud service providers and third parties – all of which have a responsibility to protect the data. ‘Security by design’ is the most effective approach to mitigate against a breach.
“Furthermore, IoT devices are a portal to the wider network and failing to protect them is like leaving your door wide open for hackers to walk in. Until both sides increase their knowledge of how to protect themselves and adopt industry standard approaches, IoT will continue to be a treasure trove of opportunity for hackers,” he concluded. – TradeArabia News Service