Like cloud computing, smartphones and the plain old internet before it, the internet of things (IoT) is being heralded as a game-changing technology for businesses. Airlines, for example, expect the proliferation of IoT technologies to help the industry improve performance, service and practically every other aspect of air travel.
Some organizations still need convincing, at least in the short term, Microsoft found in a study of IoT security. According to the Redmond, Wash., software giant, security is the top obstacle to corporate adoption of IoT technologies and will remain so through 2017.
“The continuous connection of smart devices across networks, commonly called the internet of things (IoT) is driving a transformation in how enterprises all over the world manage network infrastructure and digital identities,” blogged Microsoft staffers recently. “With such rapid change comes new cyber-security challenges. Many organizations are hesitant to tap into the power of the IoT due to the complexities and risk associated with managing such a diverse–and sometimes unclear–environment.”
Microsoft estimates that more than a quarter of all cyber-attacks will target the IoT in 2020. Meanwhile, organizations will spend just over 10 percent of their security budgets on protecting their IoT deployments during the same year.
Businesses aren’t the only ones concerned about the IoT and its impact on data security. Earlier this year, a survey from mobile security specialist BullGuard revealed that among the 66 percent of consumers planning to buy IoT devices, 66 percent were worried about attacks targeting their devices and 57 percent were wary of the privacy implications.
If history is any guide, the IoT and its tens of billions of devices will be too tempting a target for hackers to pass up.
In 2014, the industry experienced a 78 percent year-over-year increase in breaches, Microsoft said. All told, approximately 15 to 20 percent of the internet’s value is lost to cyber-crime.
The intersection of IT and end users continues to be a persistent source of problems for organizations.
Forget loose lips, nowadays weak passwords sink ships. According to Microsoft’s data, more than three-quarters of all network breaches stem from stolen or easily-guessed credentials. Sixty percent of employees use personal devices to perform their jobs. Citing data from a Frost & Sullivan examination of shadow IT, Microsoft shared the alarming statistic that 80 percent of employees use unsanctioned web applications for work.
Naturally, Microsoft is no stranger to hacking attempts.
The company reports that every day, it blocks 1.5 million fraudulent log-in attempts on its consumer online services. For businesses, once a hacker gains access to their corporate networks, they may go undetected for several months, if not longer, giving them ample time to nab valuable data and cover their tracks. On average, it takes more than 200 days for organizations to discover that they have been victims of an attack, Microsoft said.