Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Report: Organizations Not Properly Managing Risks of non-PC Devices

Mocana, a San Francisco based company that focuses on smart device security, recently released a study that tuned into the impact of security threats to non-PC devices.

Connected devices like smartphones, smartgrid components, Internet TVs, and medical and automobile electronics already outnumber PCs on the Internet by five to one.

Mocana, a San Francisco based company that focuses on smart device security, recently released a study that tuned into the impact of security threats to non-PC devices.

Connected devices like smartphones, smartgrid components, Internet TVs, and medical and automobile electronics already outnumber PCs on the Internet by five to one.

According to Mocana’s 2011 Mobile and Smart Devices Security Survey, respondents showed substantially increased awareness of connected smart devices and the rapidly growing risks associated with them. Yet survey results indicate that in general, companies they aren’t properly prepared to handle device security breaches. Specifically, results of the survey suggest that companies don’t yet have the security tools or expertise in place to handle device security problems. Nevertheless, organizations seem to be going “full steam ahead” with device rollouts, anyway – which may dramatically increase the business, financial and liability impacts of future device security breaches.

According Symantec’s Internet Security Threat Report, released earlier this week, there has been a 42 percent increase in the number of reported new mobile operating system vulnerabilities over the past year.

“It’s more than a little risky,” Mocana CEO Adrian Turner said. “It’s a little bit like everyone in the country deciding to send five million kids to kindergarten without measles or polio immunizations – and just hoping for the best.”

Some highlights from Mocana’s Report:

• 71 percent of respondents said they were concerned about security of mobile phones.

• 64 percent said that attacks on smart devices already required the regular attention of their IT staff, or would this year.

Advertisement. Scroll to continue reading.

• 63 percent said their organization had already deployed smart devices, despite these concerns.

• Fifty-four percent said security issues around non-PC devices had already caused disruption to their networks. But 51 percent said their organizations still did not regularly update or patch against device threats – on even a once-a-month basis.

Securing Smart Devices: Smartphone Devices Grow

“Securing the ‘Internet of Things’ is going to be challenging,” Turner said. “With products ranging from medical devices, office printers, smart phones and household appliances to smart grid utility meters, security cameras and industrial controls, there’s no ‘software box’ you can buy to protect them.” He continued, “Why? Device security is a tough nut to crack. Processor limitations, memory constraints, battery life and a slew of other idiosyncrasies particular to device environments make device security technically difficult. But with so many more devices than PCs on the Internet, it’s crucial. Now is the time to address smart device security head-on.”

Mocana conducted the survey by distributing the survey to thousands of professionals; a demographic mix heavily weighted towards information technology professionals, device manufacturers and embedded experts. They were asked a series of questions about device security problems facing their specific organizations, as well as their perception of their industry’s ability to deal with mounting device security threats. As the demographic of this survey was technical and device industry-focused, it is thought that this data will be useful as “leading indicators” of the emerging device security issue for enterprises and consumers in general.

The full report is available here.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

An engineer recruited by intelligence services reportedly used a water pump to deliver Stuxnet, which reportedly cost $1-2 billion to develop.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.