As use of IoT devices grows, so do the associated security risks
Organizations deem mobile and Internet of Things (IoT) devices crucial to their operations, but they also recognize that the risk of using these devices has climbed over the past year.
In fact, 46% said mobile devices had progressed beyond a nice-to-have product to become a critical business tool, with 80% describing these devices as necessary, revealed Verizon Business' 2024 Mobile Security Index. The survey polled 600 professionals responsible for procuring, managing, and securing mobile devices in the US, UK, and Australia. Respondents from the US accounted for 78% of the total base, with the UK making up 16% and Australia at 6%.
Also: AI-powered 'narrative attacks' a growing threat: 3 defense strategies for business leaders
Some 55% said they have more users with more mobile devices now than 12 months ago, and 50% noted that these devices have greater access to sensitive information than previously.
The majority, 95%, also used IoT devices in their operations, including 62% that had mature, full-scale IoT deployments. In addition, 96% of companies that operated critical infrastructures used IoT devices, according to the study. Respondents were from organizations in 10 verticals, of which six were critical infrastructure sectors, including healthcare, energy, and utilities.
The report further revealed that 53% of critical infrastructure operators had experienced mobile or IoT device-related security incidents that led to data loss or system downtime. Another 48% encountered a significant impact due to a security compromise involving an IoT device.
Some 87% of respondents in critical infrastructure sectors believed a security breach involving mobile and IoT devices would substantially impact their business.
Furthermore, 86% acknowledged security risks associated with these devices had increased over the past year, with 44% pointing to the integration of mobile and IoT services as a daunting security challenge.
Also: AI at the edge: 5G and the Internet of Things see fast times ahead
Across the board, 64% believed they faced significant or extreme risks from mobile device threats. About half, at 51%, had experienced mobile app-related incidents due to activities such as malware or unpatched vulnerabilities.
However, while 93% were concerned about mobile cybersecurity, just 39% had defined companywide IoT standards, and 37% had centrally coordinated IoT projects.
Some 87% were somewhat worried about shadow IT, while 54% were very or quite worried about such unsanctioned use of IT products and services.
Amid growing interest in artificial intelligence (AI), 77% of respondents expected AI-assisted attacks, such as deepfakes and SMS phishing, to likely succeed.
Also: AI is changing cybersecurity and businesses must wake up to the threat
At the same time, 88% believed that AI-assisted cybersecurity tools would be increasingly important in the future.
"The Industrial IoT (IIoT) is giving rise to a massive expansion in mobile device technology that goes well beyond phones, tablets, and laptops," said TJ Fox, Verizon Business' senior vice president of IIoT and automotive. "Enterprise networks now include all sorts of sensors and purpose-built devices that monitor, measure, manage, and control commercial tasks and data flow."
"That IIoT growth brings with it a proportionate need for more knowledge, awareness, and IT solutioning to ensure the security of those increasingly sophisticated networks," Fox said. "The growing importance that IoT plays in our customers' technology ecosystem underscores why it should be a component in any sound cybersecurity program."
According to the study, 84% of respondents had bumped up their mobile device security expenditure over the past year, with 89% of those in critical infrastructure sectors planning further increases.