With the number of IoT devices expected to skyrocket in the next four years, researchers have called on more robust cybersecurity protections to counter a wave of rising threats.
In a new study by Juniper Research, the number of devices is set to hit 28 billion globally by 2028. However, amidst this sharp growth, the increasing complexity of IoT networks means there's a greater need for effective frameworks that underpin security solutions.
A key factor in this call to action is the fact that industry has a fragmented approach to IoT security, researchers said.
"The IoT cybersecurity market is expected to reach $51 billion by 2028; partly driven by adoption from SMEs," said research author Michelle Joynson.
"To capitalize, vendors must simplify their solutions in a time when IoT architectures are becoming increasingly complex, and a greater number of connectivity technologies are used."
IDC advises enterprise IoT users to protect themselves against high-risk events such as data breaches, financial losses, and regulatory non-compliance by implementing zero trust architecture (ZTA) frameworks as a priority.
"ZTA frameworks operate on the principle that no device on a network is to be inherently trusted; requiring constant authentication," said IDC.
"These frameworks also offer greater visibility of IoT device activity through continuous authentication; enabling earlier threat detection and mitigation."
As for vendors, the scale of expected IoT growth and rapid pace of digitalization by SMBs means these frameworks will need to be deployed across IoT networks of various sizes.
As the number of networks grows, vendors should be leveraging the scalability of their ZTA frameworks to make sure that cybersecurity solutions can keep pace.
IoT remains a security blind spot for enterprises
IoT has become something of a wild west in terms of security, with connected devices representing the biggest targets in the UK last year.
Research from Beaming, for example, found there were at least 161 attacks on IoT devices per day, with threat actors increasingly targeting applications such as building control systems, network-enabled printers, remote monitoring tools, and industrial control systems.
According to the UK's National Cyber Security Centre (NCSC), many devices aren't secure by design or by default, aren't given regular firmware updates, or have weak authentication measures with limited logging, making it hard to detect suspicious activity.
RELATED WHITEPAPER
Similarly, many may not be configured securely, lack proper network segmentation, or use unsupported or end-of-life (EOL) hardware.
Last year, analysis from WithSecure identified a steep rise in security incidents caused by the mass exploitation of IoT and edge devices, including MOVEit, CitrixBleed, Cisco XE, Fortinet’s FortiOS, Ivanti ConnectSecure, Palo Alto’s PAN-OS, Juniper’s Junos, and ConnectWise ScreenConnect.
Earlier this month, the Five Eyes cybersecurity agencies released guidance on how to secure edge devices, including IoT devices, recommending that they include and enable standard logging and forensic features that are robust and secure by default.
MORE FROM ITPRO
- New industry-backed IoT standards aim to bolster security
- Implementing zero trust with the Internet of Things
- What the Internet of Things (IoT) means for data security
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Zero trust gains momentum amid growing network visibility challengesNews Organizations are looking to automation, orchestration, and risk mitigation as key security priorities
-
Cisco claims new smart switches provide next-level perimeter defenseNews Cisco’s ‘security everywhere’ mantra has just taken on new meaning with the launch of a series of smart network switches.
-
Five Eyes cyber agencies issue guidance on edge device vulnerabilitiesNews Cybersecurity agencies including the NCSC and CISA have issued fresh guidance on edge device security.
-
2024 was a record year for commercial cyber attacksNews China-backed attacks on IoT systems helped keep numbers high
-
Cognizant and Zscaler expand partnership to launch new AI-powered zero trust security toolsNews The pair’s expanded partnership aims to help customers simplify their security setups while tackling evolving cyber threats
-
T-Mobile security chief insists its defenses stood up to attacks linked to Salt TyphoonNews No T-Mobile customers or services were affected after its security teams detected suspicious activity on their routers
-
Securing your network in every direction with zero trustWhitepaper Webinar on the evolution of network security
-
Turning your log and incident data into real-time security insightsWhitepaper Integrate multiple data sources for a comprehensive security view
