ISACA: Internet of Things to create serious cyber security risks for organisations


November 29, 2013

As if there wasn't already enough evidence out there that proves penetration testing should be an essential part of any company's IT system, the rise of the Internet of Things (IoT) should be the final nail in the coffin that confirms it.

According to new research from ISACA, a global IT solutions and risk analysis provider, the idea that all consumer goods could soon be wirelessly connected – the Internet of Things – provides enormous opportunities for companies. However, it also will leave virtually any businesses, whether it is involved in the IT space or not, vulnerable to cyber attacks.

The study showed 52 per cent of New Zealand and Australian organisations say they plan to capitalise on the impending jump in connected devices, and another 47 per cent said they have already been impacted by the technological advancement.

These impacts included improved services, better efficiency, lower costs and higher customer satisfaction.

So it makes sense why so many businesses are planning to capitalise on it, but this is exactly why there are such high risks involved, too.

Preparing for a rise in malicious attacks

With such huge amounts of interconnectivity, it will be imperative for companies to perform a regular, in-depth security audit. The survey found 28 per cent of respondents said the rise of IoT would come with a rise in security threats that would prompt more governance.

Another 27 per cent said privacy could be affected, while 17 per cent said the most concerning problems would be related to identity and access.

"There are numerous benefits to greater connectivity, but organisations need to be aware of the increased risks that come with the Internet of Things," said Jo Stewart-Rattray, international director of ISACA.

"We’re already seeing a distinct rise in cyber-attacks and threats across the board – from accounts being hacked and credit card details stolen to remote entry being manipulated."

Mr Stewart-Rattray added that all types of organisations, including both public and private groups, will need to take every measure they can to ensure their systems' security is robust enough to stand up to the threats posed by IoT.

This, he said, would be paramount for staying protected against the "inevitable increase in malicious attacks".

There is a clear need for vulnerability management among all businesses, and this will only become more important as the number of connected devices – and potential access points for hackers to exploit – grows.

Leave a Reply

Your email address will not be published. Required fields are marked *