Drawing parallels between IoT and security

A new ISACA survey shows that even as the Indian consumers embrace IoT, security concerns remain

Sonal Desai
New Update

MUMBAI, INDIA: The Internet of Things (IoT) is gaining acceptance among Indian consumers.


However, a new ISACA survey shows that even as the Indian consumers embrace IoT, security concerns remain. This translates into a major confidence gap about the security of connected devices between consumers, cyber security and information technology professionals.

According to the consumer segment of ISACA’s 2015 IT Risk/Reward Barometer, 81 percent of Indian consumers surveyed are confident they can control the security on the IoT devices they own.

Yet according to the 7,016 IT and cyber security professionals globally who responded to a parallel survey, only 22 percent feel confident about controlling access to information collected by IoT devices in their homes, and 72 percent said manufacturers are not implementing sufficient security in IoT devices.


Indian consumers said the average number of IoT devices in their home is seven. Smart TVs, smart watches and connected home alarm systems top the IoT shopping list in the next 12 months.

Hidden IoT

The survey depicts an IoT that flies below the radar of many IT organizations–an invisible risk that is underestimated and under-secured globally. Here’s a short view:

Seventy three percent respondents estimate the likelihood of an organization, being hacked through an IoT device is medium or high.


Sixty three percent think that the increasing use of IoT devices in the workplace has decreased employee privacy.

Fifty percent say their organization’s BYOD (bring your own device) policy does not address wearable tech.

“In the hidden Internet of Things, what is also invisible are the countless entry points that cyber attackers can use to access personal information and corporate data,” said Christos Dimitriadis, International President, ISACA. “The rapid spread of connected devices is outpacing an organization’s ability to manage and safeguard company and employee data.”

Some other lessons:

According to the cyber security and IT professionals surveyed, device manufacturers are falling short. Seventy two percent say they do not believe that manufacturers are implementing sufficient security measures in IoT devices.

“As the usage of IoT devices increases in India, it is important that device manufacturers adopt an industry-wide security standard to address security. Enterprises also need to install rigorous security governance and professional development for their cyber security employees. This move will further boost the acceptance of IoT in the country, as research shows there is a direct relation between positive customer sentiment and companies that can demonstrate credentials,” said Avinash Kadam, Advisor, ISACA India Cyber security Initiative.

cyber-security must-read iot-hub isaca