Many businesses in the UK are vulnerable to internet of things (IoT) attacks because they lack adequate cyber security.
Out of the 5.7 million registered businesses in the UK, 2.7 million of them are at risk.
This is according to an independent survey by ForeScout and CensusWide. Included in the survey were 500 CIOs and IT decision makers, assessed on their preparedness for Internet of Things (IoT) cyber security.
The results showed 47% admitted to not updating default passwords on all Internet of Things devices when they are added to corporate networks; 15% admitted to not keeping security patches up to date.
This is concerning but not altogether surprising – only 54% of respondents had complete confidence that they can identify every device on their network. Alongside this, 72% of IT managers are cybersecurityconcerned about the security risks associated with adding further devices to the company’s network. This means the challenge will only worsen as 40% of respondents stated that they are planning to increase their operational technology spend on connected devices.
“The convergence between IT and OT is where businesses are looking to drive some major efficiency gains in 2018, but it makes the challenge of knowing exactly what devices are on your network that much harder,” explained Myles Bray, vice president of EMEA at ForeScout. “Internet of Things has expanded the attack surface considerably for all firms, and without basic security hygiene it is easy for bad actors to gain a foothold and then move laterally on a network to reach high-value assets and cause business disruption. With GDPR being such a priority businesses need to act now.”