Survey Reveals Serious IoT Concerns

The survey was based on responses from 603 IT and line-of-business decision-makers involved in enterprise security teams across the US, UK, Germany, France, Australia and New Zealand.

• By Jessica Davis
• Nov 13, 2017

According to a new report from Forescout and Forrester, 90 percent of companies said they expect to see an increase in the volume of network-connected devices on the Internet of Things (IoT) in the next five years. The survey has also shown that many IT and line-of-business (LOB) decision-makers involved in enterprise security teams worldwide feel anxiety over IoT-related security worries.  

Despite their faith in IoT growth, the majority of the survey respondents (82 percent) are unable to identify all IoT devices connected to their network. When asked who is primarily responsible for the security of these network-connected devices, respondents did not have a clear answer.

As a result of this uncertainty, 54 percent of respondents said the question of security of IoT devices and the impact on a business if security should fail is causing them anxiety. Forty percent of those surveyed said their companies still rely on traditional security approaches despite their inability to report what devices are connecting to where and when, and a remarkable 59 percent said they were willing to tolerate a medium to high-risk level in relation to IoT security compliance requirements.

Companies need to be able to see malicious devices or suspicious activity on their networks in order to secure their networks and data. About half (48 percent) of respondents believe this awareness and visibility of devices should be a top priority for improving IoT security. However, the survey found that investment in IoT security improvement was hindered by budget constraints and lack of support from senior leadership.

A majority of respondents (82 percent) expect to spend more on IoT security in the coming years. “Securing IoT is not just a cybersecurity issue, it is a business issue and operating at any risk level is too much. Enterprises need full visibility,” said Michael DeCesare, president and CEO at ForeScout.