09 February 2018
Many companies believe IoT security is the responsibility of the consumer, finds new research carried out by Radware.
After surveying 605 IT executives from around the world for its 2017-2018 Global Application and Network Security report, the firm found that when asked who needs to take responsibility for IoT security, there was no clear consensus. Executives pinned responsibility on the organisations managing the network or on device manufacturers, but the majority (56 per cent) said it was down to consumers using IoT connected products.
Andrew Foxcroft, regional director for Radware UK, Ireland and Nordics, says it’s time companies closed the debate and assume responsibility themselves: “Everything that is attached to the network is a threat to security. The longer we debate who is responsible, the more advantage we hand to the hackers who will do everything that they can to exploit weaknesses.
“Governments of the world are taking more interest in IoT and if companies fail to be decisive, take responsibility and collaborate on security, legislation will make the decision for them – look at Germany’s decision to ban smart toys.”
Last November, Germany’s telecoms regulator, the Bundesnetzagentur, banned domestic sales of children’s smartwatches that have a listening function because of surveillance fears.
Foxcroft adds that it’s “lazy” to assume consumers will think about security.
“We already know people find it challenging to keep up with software updates and are unlikely to think through the risks regardless of the terms and conditions they sign up to.
“The network is only as strong as its weakest link and the sooner companies realise IoT devices are the weakest link, and that the buck will always stop with them, the better.”