Industry needs to plug IoT security holes or face vertical meltdown

PSA Certified’s 2022 Security Report reveals significant gaps in IoT security provision, with only 31% of technology decision-makers feeling ‘very satisfied’ with their level of security expertise in-house. So, what are these gaps in IoT security deployments? And what do organizations need to do to be better prepared?


It comes as no surprise that the Russian invasion of Ukraine has triggered increased cyber activity in Europe and the US, with suspected Russian state-backed hackers looking for opportunities to destabilise western economies and critical infrastructures. It’s even prompted US President Biden to recently release a statement outlining the risks and what businesses need to do to try and counter any attack.  

As a Sophos Russia-Ukraine cyberattack page claims, this is all sound advice but the fear is that despite years of guidance and warnings, so many businesses still come up short on security. As Sophos reveals, “every day we assist companies who have only protected some of their assets, keep few if any, logs, are months if not years out of date on patching their systems and have open remote access to the internet with single-factor authentication.”

While for many enterprises this is fixable, there are growing fears that for many verticals it represents a more complex challenge, particularly with the internet of things (IoT). With vertical industries expected to spend over $188 billion on IoT devices and services this year, the prospect of cyber breaches and disruption to industry is very real.

According to a PSA Certified 2022 Security Report, there are significant gaps in IoT security provision, with technology decision-makers citing a lack of internal expertise and cost as inhibiting them from implementing stronger security. Only 31% of technology decision-makers feel ‘very satisfied’ with their level of security expertise in-house, while 59% still admit that internal validation is relied upon to certify security implementations.

So, what are these gaps in IoT security deployments? According to Chris Wilder, research director and senior analyst for cybersecurity at TAG Cyber LLC, the main gaps he is seeing are at the intersection between IT and OT systems, specifically with SCADA, sensors, meters, and so on.

To continue reading this article register now