According to new research from Irdeto, cyber-attacks on IoT devices could cost the UK economy over £1 billion each year. The Dutch security vendor polled IT security decision-makers from British organisations in the transport, health and manufacturing sectors. It found that attacks on connected kit led to losses of an average £244,000.
As well as the headline costs, more than half of those who responded claimed to have suffered downtime in the past year due to IoT attacks. 41 per cent of these people said that customer data had been compromised as a result.
If GDPR regulators decide that the victim organisations haven’t taken the appropriate steps to protect customer data, this could pose a major compliance challenge and could also lead to attrition. 33 per cent of respondents said they lost customers and 29 per cent claimed their brand’s reputation had suffered as a result.
Attacks on IoT devices could also affect the physical world. From drug infusion pumps to connected cars, IoT devices play an essential role in a wide range of sectors. It is worrying that 28 per cent of organisations told Irdeto that, due to the attacks in the cyber domain, they suffered compromised end-user safety.
Steve Huin, Irdeto VP of strategic partnerships, made the argument that unsecured IoT endpoints are like low-hanging fruit for cyber-criminals.
“It’s clear that, if not addressed, a lack of IoT security could pose a serious financial threat to the wider UK economy. With so many devices entering the market and being deployed in critical businesses, the need for improved security measures is without question,” he added.
“Connected device manufacturers must move away from the traditional mindset of ‘build, ship and forget’ and ensure that devices are secure from the very point of design, incorporating multiple layers of security as well as offering regular health checks and software updates. If unsure, consumers should also ask their manufacturers about device security and appropriate measures to keep their information secure.”
In the future, doing this should be easier, once the government has introduced a new law with the intention of improving IoT security.
Join us for ECS UK
Join Whitehall Media’s 4th Enterprise Cyber Security conference where we bring together hundreds of cybersecurity and InfoSec specialists from both the public and private sector committed to protecting the largest organisations from a growing cyber threat. Covering secure systems, new threats and defences and the ways organisations can adapt to provide the best possible security for their customers and employees.
ECS UK will be held on 24th September 2019.