The results show that awareness of the opportunities offered by IoT is growing in German companies, but at the same time there is still a need to catch up in practice. Although the technology has a high or very high relevance for just under half of the companies, only 13% of the respondents say they have already implemented IoT on a broad scale. This is also due to the fact that only around a quarter consider themselves to be in a position to implement IoT projects completely on their own. More than 60% of the companies therefore rely on external partners in order to be able to take appropriate account of specialist, technical and legal levels from the outset.
At the same time, the study points to a significant lack of security precautions. According to the study, 44% of companies have not taken any specific measures to secure IoT. "Many companies believe that only large corporations are targeted by cybercriminals. This is a persistent misconception: around 30% of companies with fewer than 1,000 employees have already been affected by attacks, according to our survey. Cyber security is everyone's business," emphasizes Jan Ludwig Tiedemann, Senior Solution Architect at secunet.
Further results of the study:
Opportunities of IoT systems
Networked devices, machines or systems in the IoT hold numerous opportunities for companies from different industries. However, the companies surveyed primarily expect increased product quality (45%), process optimization (44%), improvements to existing products and services (42%), lower (production) costs (38%) and increased customer satisfaction (36%).
Obstacles to secure implementation
Data protection (43%) and security concerns (36%), lack of expertise (38%) and integration into the existing IT infrastructure (36%) are seen by companies as the biggest hurdles in implementing IoT projects. In turn, compatibility with existing infrastructure is the biggest challenge for half of the companies surveyed when implementing IoT security. 46% also stated that they do not have sufficient expertise in this area, and 38% simply lack the necessary specialist personnel.
Most common security incidents
Almost 70% of the companies that were affected by cyber attacks were infected once or even several times via existing (legacy) devices. 44% of the companies surveyed had been affected by such an attack once in the last two years, and the number of unreported cases is likely to be even higher. In one quarter of the companies, these vulnerabilities were even exploited multiple times. Almost 70% also report targeted sabotage or industrial espionage. Around half said they had been affected by the compromise of IoT devices or their misuse for criminal purposes.
Demands on IoT security service providers
For companies to be able to adequately protect their IoT systems from cybercriminals, they regularly rely on the expertise of a security partner. What they want from this partner above all is a high level of technological know-how (50%), an understanding of processes (45%), industry expertise (41%), innovative strength (40%) and security certificates (36%).
All results of the study can be found at the following link: www.secunet.com/en/iot-but-secure