The PSA Certified 2022 Security Report predicts that this year will mark a turning point in securing the Internet of Things (IoT), as the industry collectively commits to addressing the historic lag between the rate of digital transformation and the speed of securing the ecosystem.
The annual barometer of industry perceptions and intentions around IoT security, which surveyed 1,038 technology decision-makers across Europe, USA, and APAC, showed a turning point for security with organizations placing it at the centre of IoT strategy and organizational culture.
90% of respondents have increased the importance placed on security in the past 12 months, almost 9 in 10 deem security in their top three business priorities and 42% of those rank building a ‘security-first culture’ as their top organizational priority.
The study indicates that increased consumer expectations and growing cyber risk are largely driving the change. Debunking the myth that consumers are purely driven by product features and price, a majority (83%) of respondents state they look for specific security credentials when buying connected products.
Over a third of companies believe distributed working has increased the likelihood of an IoT hack and one in five respondents work for companies that had been victims of hacks due to vulnerabilities in third-party products or services.
Security positively impacts the bottom line but expertise remains a barrier
Not only is a security-first culture deemed critical to protecting businesses against cyber-risk, it’s also recognized as a driver of commercial value. Nearly all (96%) tech decision-makers say that having security in their products positively impacts the bottom line, with nearly seven in ten citing they can charge a premium for built-in security.
Over half of respondents believe IoT security implementation makes people more likely to trust their products and four in ten claim that it helps them differentiate their product, enabling them to sell and ship in larger volumes.
Despite almost universal acceptance that IoT security commands a premium, nearly a third of those asked identified cost as inhibiting them from implementing stronger security, while perceived expense and a lack of ROI were the biggest barriers to conducting external lab testing. Only 31% of technology decision-makers feel “very satisfied” with their level of security expertise in-house and ‘a lack of security specialists’ ranked in the top three barriers to IoT security.
“IoT security has moved well beyond the stage of early adopters and the direction of travel is clear: security is foundational, not optional,” says David Maidment, senior director, Secure Devices Ecosystem at Arm (a PSA Certified co-founder).
“This report is an important reminder that security must be integrated into every device, process, company and culture if we are to take advantage of its potential as an enabler of digital transformation – and that continued industry collaboration around security best practice is critical to driving this forward.”
Key findings of the report include:
- A third of companies think the risk of IoT hacks has risen during the pandemic – mostly because of distributed working
- 90% of tech decision makers have increased their prioritization of security in the last 12 months
- Nearly nine in ten (88%) say security has become a top 3 business concern, and for nearly half of those (42%) creating a security-first culture has become their number one business priority
- 96% say having security in their products positively impacts the bottom line
- But nearly a third (31%) of respondents asked identified cost as inhibiting them from implementing stronger security
Read the full PSA Certified 2022 Security Report here.