Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT/Embedded Security

End of Bibblio RCM includes -->
10/26/2018
08:15 AM
Larry Loeb
Larry Loeb
Larry Loeb

IoT Device Adoption Hampered by Consumer's Security Concerns

For companies looking to jump on the IoT bandwagon, the adoption of these devices is being slowed by consumers' concerns over safety and security, a new report finds.

For enterprises and companies looking to cash in on the explosion of Internet of Things devices, it's time to listen to the concerns of your target audience. Consumers are concerned about security and that's slowing adoption.

These are the conclusions of a report conducted by the Cyber Security Research Institute and sponsored by F-Secure. The study, "Pinning Down the IoT," is based on over 19,200 consumer interviews conducted over five years in the US and Europe. Participants included politicians, a senior police officer, cybersecurity specialists, industry analysts, think tank observers and other industry figures involved in developing technology for the IoT.

The stakes for IoT are big, with IDC estimating the market for these connected devices and sensors will increase from $800 billion in 2015 to $1.3 trillion by 2020, with manufacturing, transport and utilities seeing the bulk of that spending.

(Source: iStock)
(Source: iStock)

However, the study notes that there are factors that are holding back IoT adoption. It found that the consumers most eager to purchase new connected devices -- the so-called early adopters -- tend to delay or avoid new IoT purchases due to privacy or security concerns.

The study reports that 80% of US early adopters were worried that new Internet connect devices, such as wearables and connected home appliances, could lead to a violation of their privacy by leaking data. This compares to 63% of UK early adopters and 75% of the French early adopters who express the same concerns.

Security concerns were prevalent as well. Specifically, 66% of UK early adopters were concerned that IoT devices could be affected by malware or that IoT hardware would be hacked.

Some populaces may not be very aware of any direct IoT benefits to them.

A different survey conducted by Transport for London, and quoted in the F-Secure report, found that 66% of city residents didn't see the value in spending money on smart city infrastructure, which is basically IoT applied to practical problems, when compared to other areas where the money could be spent.

Some segments of populace do, however.

In addition, F-Secure cited Silk Road, an analytics company that works with builders, which found was that 84% of older people want to have IoT technology, especially if it means that they can stay in their house longer.

The main reason for adopting IoT is for health monitoring. The second reason was to maintain their independence. The third reason is to starve off loneliness.

In a 2017 survey cited by the report, Gemalto, a Dutch company that manufactures SIM cards for mobile phones, found that 96% of organizations and 90% of consumers report that there is a need for IoT security regulations. Additionally, more than half of those surveyed confirmed owning an IoT device, but only 14% knew how to protect it.

Gemalto also found that 90% of consumers and 86% of businesses report that governments should handle regulation of IoT devices.

As the report states:

The need to secure every device that connects to the internet is clear, but many manufacturers aren't yet acting proactively to make sure all customers can keep their devices updated and safe. As the massive scale of the potential vulnerabilities being built into the IoT becomes impossible to ignore, regulators may have no choice but to act.

Related posts:

— Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-1678
PUBLISHED: 2022-05-25
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
CVE-2021-32966
PUBLISHED: 2022-05-25
Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDAP s...
CVE-2021-32989
PUBLISHED: 2022-05-25
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.
CVE-2021-32997
PUBLISHED: 2022-05-25
The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. 3060/00 versions 6.98 and prior, 3500 System 1, Part No. 3071/xx & 3072/xx versions 21.1 HF1 and prior, 3500 Rack Configuration, Part No. 129133-01 versions 6.4 and prior, and 3500/22M Firmware, Part No. 288055-01 ver...
CVE-2021-35487
PUBLISHED: 2022-05-25
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, dat...