Inadequate security sees surge in IoT data breaches, study shows

Internet of Things

Research finds that the number of data breaches linked to Internet of Things (IoT) devices has increased considerably over the last two years. 

A study published by Ponemon shows that the number of breaches due to unsecured connected devices now accounts for 26% of security incidents, up from the previous figure of 15%.

However, actual numbers of breaches may be far greater as organisations are often not fully aware of how many web-connected devices their employees and teams are using.

Lack of clarity over application or third-party platform usage could be pushing the number of cyber-security incidents on connected devices even higher, according to the Ponemon’s report titled: “Third Annual Party IoT Risk: Companies Don’t Know What They Don’t Know”.

The study also discovered that budgets aren’t up to managing third-party risks coming through IoT gadgets.

Looking forward, 87% of the survey’s respondents said they thought their own companies are likely to suffer a cyber-attack due to poorly secured IoT devices or applications over the next two years.

The Ponemon report also highlighted a concerning accountability gap, as less than half of the companies’ board members said they gave the green light to projects designed to lower third-party risk. Just 21% of board members said they were “highly involved” in security practices and in understanding third-party and cyber dangers in a more general capacity.


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/