It’s safe to say that the concept of the Internet of Things (IoT) has progressed to the point where a growing number of organizations are exploring the opportunities. What might not be so safe is the IoT itself; security remains one of the biggest concerns and challenges of implementations.
Before we take a look at the security issues, let’s examine some recent research to see just how “real” IoT is. A report released in June 2017 by International Data Corp. (IDC) said spending on the IoT grew 17% year over year in 2017, reaching just over $800 billion. By 2021, the firm said, global IoT spending is expected to total nearly $1.4 trillion, as organizations continue to invest in the hardware, software, services, and connectivity that enable the IoT.
The IoT use cases expected to attract the largest investments in 2017 include manufacturing operations ($105 billion), freight monitoring ($50 billion), and production asset management ($45 billion). IDC said. Smart grid technologies for electricity, gas and water and smart building technologies are also forecast to see significant investments this year ($56 billion and $40 billion, respectively).
While these use cases will remain the biggest areas of IoT spending in 2021, smart home technologies are expected to see strong growth (20% compound annual growth rate) over the five-year forecast. The use cases that will see the fastest spending growth are airport facilities automation, electric vehicle charging, and in-store contextual marketing.
The industries that area making the largest IoT investments this year are manufacturing ($183 billion), transportation ($85 billion), and utilities ($66 billion). Cross-industry IoT investments, which represent use cases common to all industries, such as connected vehicles and smart buildings, will be $86 billion in 2017.
Clearly this will be a large and growing market on a number of levels. IoT will give companies huge amounts of insights about product usage, customer service, supply chain issues, etc. But this increasingly connected world also brings a host of security risks. Safeguarding data and devices needs to be a high priority for any company looking to leverage the IoT for business gain.
According to a June 2017 report from strategy consulting firm Altman Vilandrie & Co., nearly half of U.S. firms using an IoT network have been hit by a recent security breach, which can cost up to 13% of smaller companies’ annual revenues. That’s based on survey data from the firm. Anything with an Internet connection can be hacked, the report notes, creating serious financial and legal exposure for companies and safety concerns for workers and consumers.
The survey, which polled 397 IT executives across 19 industries in April 2017, showed that 48% have experienced at least one IoT security breach. The survey revealed the significant financial exposure of leaky IoT security for companies of all sizes. The cost of the breaches represented 13% of the total revenues for companies with revenues under $5 million annually, and tens of millions of dollars for the largest enterprises.
Nearly half of companies with annual revenues above $2 billion estimated the potential cost of one IoT breach at more than $20 million.
“IoT attacks expose companies to the loss of data and services and can render connected devices dangerous to customers, employees and the public at large,” notes Stefan Bewley, director of Altman Vilandrie & Co. “The potential vulnerabilities for firms of all sizes will continue to grow as more devices become Internet dependent.”
The survey data indicates that preparedness can help. Those companies that have not experienced an IoT-related security incident have invested 65% more on IoT security than those organizations that have been breached.
In other key findings of the survey, 68% of respondents think about IoT security as a distinct category, yet only 43% have a standalone budget. And despite the fact that separate business units might have different needs, 74% of organizations centralize IoT security decisions for the entire organization.
After “preventing loss of control over IoT devices”, traditional cyber security concerns such as preventing breaches of customer information and preventing breaches of company data are ranked as the next most important reasons to adopt IoT security.
According to the IDC report, security hardware and software will see increased investment in the coming years.
"As enterprises are adopting new and innovative services provided by different vendors, a lot of new threats are introduced,” said Ashutosh Bisht, research manager for IT spending at IDC. “So it's very important to upgrade existing security systems to ensure that an optimal business outcome can be reached and ROI can be justified."