IoT security risks escalating, says Verizon
- August 7, 2024
- Steve Rogerson
Verizon has found escalating risks in mobile and IoT security.
Its 2024 Mobile Security Index (MSI) report outlines the top threats to mobile and IoT device security. This year’s report, in its seventh iteration, goes beyond employee-level mobile usage and extends into the use of IoT devices and sensors and the security concerns the growth of these devices can present especially as remote work continues to be a trend.
This expanded view of mobile security concerns for organisations showcases the evolving threat landscape with which CIOs and other IT decision makers must contend.
As dependency on mobile devices grows, so too do the risks, especially in critical infrastructure sectors where the consequences of security breaches can be catastrophic. The 2024 MSI, which surveyed 600 people responsible for security strategy, policy and management, underscores this point.
The survey found that 80% of respondents considered mobile devices critical to their operations, while 95% were actively using IoT devices. However, this heavy reliance comes with significant security concerns.
In critical infrastructure sectors, where 96% of respondents report using IoT devices, more than half say they have experienced severe security incidents that led to data loss or system downtime.
“These findings highlight the continued friction that employers face as more and more work is done on personal mobile devices,” said Phil Hochmuth vice president at IDC. “This is why we are seeing more and more employers move from a pure bring-your-own-device model to employer provided devices where CIOs can have greater governance to protect critical infrastructure from cyber attacks.”
Additionally, Hochmuth said organisations should adopt robust frameworks such as zero trust and the NIST CSF 2.0, and comply with mandates such as the European Union’s NIS2 directive.
Emerging artificial intelligence (AI) technologies are expected to exacerbate the mobile threat landscape, but they also present opportunities for defence. A striking 77% of respondents anticipate that AI-assisted attacks, such as deepfakes and SMS phishing, are likely to succeed. At the same time, 88% of critical infrastructure respondents acknowledge the growing importance of AI-assisted cyber security.
With companies increasingly deploying IoT devices, their digital landscapes are evolving, creating a need for cyber-security strategies to evolve in kind.
“The industrial IoT is giving rise to a massive expansion in mobile device technology that goes well beyond phones, tablets and laptops,” said TJ Fox, senior vice president at Verizon Business. “Enterprise networks now include all sorts of sensors and purpose-built devices that monitor, measure, manage and control commercial tasks and data flow. That IIoT growth brings with it a proportionate need for more knowledge, awareness and IT to ensure the security of those increasingly sophisticated networks. The growing importance that IoT plays in our customers’ technology ecosystem underscores why it should be a component in any sound cyber-security programme.”
The 2024 MSI helps inform cyber-security decisions for businesses of all sizes and in key sectors. As mobile and IoT threats rise, the need for robust security measures has never been greater. In response to these growing threats, 84% of respondents have increased their mobile device security spending over the past year, with 89% of critical infrastructure respondents planning further increases.
More on the report can be found at www.verizon.com/business/resources/reports/mobile-security-index.