So, what about IoT security? Workers can be educated in the context of an overall cybersecurity strategy but what about consumers? And can you keep the manufacturers of devices who don’t take security into account away? And what about the installed base?
If we want to realize all this, it’s going to take a long time before we’re there if we ever get there at all. Because here is again another fact from the enterprise world: although Gartner expects that by 2020, over 25 percent of identified enterprise attacks will involve IoT, IoT will only account for 10 percent of security budgets. If it’s not considered important enough in organizations, then why would it be overall? The industry can play a role but it can’t do everything.
Knowing that, also according to Gartner, through 2018, over 50 percent of IoT device manufacturers will not be able to address threats from weak authentication practices, the picture becomes even worse.
It’s probably not a coincidence that, with the 2016 holiday season in mind, associations and vendors are stepping up their marketing and communication efforts to remind us, as consumers, reporters and analysts, that consumers really aren’t educated, or at least confident enough on IoT security and security overall.