As Internet of Things (IoT) based cyber-attacks continue to intensify in frequency and severity, the IoT security spending trend also continues to escalate, with worldwide spending expected to reach $1.5 billion in 2018.
That’s according to the latest Gartner Survey. The firm also found that nearly one-fifth of all organizations surveyed have observed at least one IoT based cyber-attack in the last three years.
This 28% increase in spending from 2017 is only expected to rise; experts believe spending will reach $3.1 billion in 2021. While worldwide spending is currently on the rise, Gartner predicts that through 2020, the biggest inhibitor to growth for IoT security will come from a lack of prioritization and implementation of security best practices, hampering the potential spending on IoT security by 80%.
The lack of technical standards for specific IoT components contributes significantly to the IoT security threat. Additionally, the absence of security-by-design comes from a lack of specific and stringent regulations.
But organizations have been working tirelessly to develop IoT endpoint best practices to help simplify IoT security. The Industrial Internet Consortium recently released its Endpoint Security Best Practices whitepaper which highlights endpoint protection and how countermeasures or controls, through risk modeling and threat analysis, can be applied to achieve a particular security level (basic, enhanced or critical). This guidance uses key information about endpoint device security from leading industrial guidance and compliance frameworks, such as NIST 800-53 and NIST 800-171.
Gartner expects this trend to change moving forward, especially within highly regulated industries such as healthcare energy. In fact, by 2021, Gartner predicts that regulatory compliance will become the primary driver behind IoT security uptake. Industries required to comply with regulations aimed at improving critical infrastructure protection are now obligated to focus on security as a result of IoT saturating the industrial world.
Read the article on InfoSecurity Magazine