Too many consumers of Internet of Things solutions do not pay enough attention to security. This level of apathy may have serious repercussions down the line.
The research bears this out. An opinion poll by the US Chamber of Commerce’s Technology Engagement Center found that the majority of IoT consumers rely wholly on device manufacturers to detect threats and safeguard them against malicious activity.
In the UK, similar research by tech firm Canonical found almost half of people are not even aware of the dangers surrounding IoT, ignorant of the fact that their devices could be targets for hackers.
Almost 40 percent of people say they are not “sufficiently aware” of IoT security dangers, while 79 percent say they have never even read a news article focused on these issues. Of even more concern, the majority of people say their distrust of IoT security has not grown over the last year.
This demonstrates that those educational campaigns on the risk of IoT devices are not hitting home. This failure to take security seriously on the part of the consumer could have serious repercussions for the industry as a whole.
Firstly, as the Canonical research suggested, the lack of awareness of security issues on the side of consumers means the majority are failing to adequately secure their devices. A shockingly low 31 percent of consumers said they update their devices when updates are released by manufacturers. 40 percent have never, ever, updated their firmware.
This obviously comes with huge associated risks. Devices are therefore more susceptible to attack. Such hacks can have dire consequences for users, and could harm the industry in the long-term once people are suddenly made aware in the worst possible way of the potentially catastrophic effects of unsecured connected “things”.
The lack of consumer awareness over security places the burden of responsibility on manufacturers. Yet, in many cases, this is not working out for the best. Many companies fail to ensure security is treated as a paramount part of the IoT product development cycle.
Other companies fail to ensure they will be able to run future updates on their devices in a secure way. These mechanisms need to be built in from the start, but in a way that they cannot be compromised. Too often this aspect of security is also overlooked.
The industry is still in the process of getting security right. The solutions are out there, you just need to know to use them. That is why we need to get consumer education right, to ensure the security and sustained growth of the IoT industry.
Aside from ensuring they update their devices, there is not alot consumers can do security-wise. But while they continue to lack understanding of the potentially disastrous repercussions of lax IoT security, manufacturers do not have a financial imperative to build in security solutions.
Consumers should ensure they pay attention to things like security reviews for IoT products. This serves a dual purpose. Not only will it ensure their connected devices are secure, but it will place the responsibility back with the manufacturers to ensure they are up to scratch. This way, we can make certain we get security right and allow the industry to fulfill its potential.
Other articles in this section
Developments within the Internet of Things (IoT) space are happening at tremendous speed, but the pace of this change creates challenges from a security standpoint.
It is indisputable that the Internet of Things (IoT) is the next Industrial Revolution, given the impact it will have on the way people, businesses and governments live and work.
The Internet of Things is big, and getting bigger. Breakthroughs in technology, falling costs, and a growing market mean it is an increasingly exciting space to get into.
Brian is a life-long software developer who loves to help others succeed. A frequent source for media outlets, such as BBC, Entrepreneur and Bloomberg, Brian also frequently speaks at universities, conferences and the like. His new book, "Unravelling the Internet of Things" will be available soon on Amazon.com.