Something as big and potentially game-changing as the Internet of Things (IoT) may have a tough time escaping the attention of IT pros, but the miniscule components that comprise it are going undetected in a large number of enterprise, according to new research from ISACA.
The group, formerly known as the Information Systems Audit and Control Association, found that 50 percent of the 2,000 technology and security professionals surveyed believe that their IT departments aren't fully aware of their organization's connected devices. In short, today's smart thermostats, TVs and a host of network-linked devices including cars represent an invisible and growing attack surface for half of all enterprises.
"In the hidden Internet of Things, what is also invisible are the countless entry points that cyber attackers can use to access personal information and corporate data," commented Christos Dimitriadis Ph.D., international president of ISACA, in a statement. "The spread of connected devices is outpacing an organization’s ability to manage it and to safeguard company and employee data."
Understandably, ISACA's report, the 2015 IT Risk/Reward Barometer, also revealed that most IT professionals in the U.S. are suspicious of IoT technologies.
A majority of (73 percent) respondents said they rank the likelihood of being hacked through an IoT device as "medium or high." Another 62 percent feel that the use of IoT devices at work can compromise user privacy.
That mistrust is spilling onto IoT device vendors.
Seventy-seven percent of respondents said IoT device makers are falling short on safeguarding their IoT devices in terms of data security perspective. Current security standards don't adequately address the IoT, according to 78 percent of those polled.
Most respondents (88 percent) said manufacturers aren't making consumers sufficiently aware about the types of information IoT devices are capable of collecting. While most consumers (64 percent) expressed confidence in controlling the security of their IoT devices, only 20 percent of IT pros felt the same way.
"It is clear that further education and awareness efforts are needed. Now," urged Rob Clyde, international vice president of ISACA, in blog post. "The number of B2B IoT devices is expected to grow from 1.2 billion connected devices in 2015 to 5.4 billion in 2020. That is a lot of important personal and confidential data being shared, transported and used by often unknown entities."
Pedro Hernandez is a contributing editor at Datamation. Follow him on Twitter @ecoINSITE.
Photo courtesy of Shutterstock.