Security Ledger recently teamed up with the folks over at Xively/LogMeIn to take a hard look at the state of IoT security today. Together we surveyed over 400 product professionals regarding IoT security. Some of the results were expected (i.e. companies ranked security as a top priority when developing a connected product) and some, well, surprised us.
While most respondents found that protecting against malicious attacks on devices was far and away the top security concern and priority, it was who these organizations were concerned about that was really intriguing. When asked about cyber-adversaries, 50% noted that they were most worried about organized criminal groups and skilled hackers – beating out seemingly more mundane issues like weak communication security and authentication (only 9% ranked ‘weak user authentication to device’ as a top concern). But here’s the issue with that. 81% of hacking related breaches use either stolen or weak passwords – 81%. It’s the most common IoT adversary, yet the one manufacturers seem less concerned about.
Check out the results of our survey here and our discussion of common IoT security pitfalls here.