People Overestimating The IoT Devices

The National Cyber Security Alliance (NCSA) is a not-for-profit organization founded in 2001 that helps promote cyber awareness and educate people about the importance of privacy. So it means something when they said people hugely overestimate the security abilities of our smart devices.

Studies suggest more and more organizations are opting for a remote workforce rather than in-house human resources. But there is an inherent risk associated with this. As your home network transforms into the office network, any reckless action has an equal, adverse effect on the organization’s security. People are often ignorant about cybersecurity as the NCSA survey suggests.

NCSA Cybersecurity Awareness Month Survey
How can it affect your organization?

NCSA Cybersecurity Awareness Month Survey

The survey had 1000 participants. Half of the participants fell in the younger age bracket (18-34) while the rest belonged to the elder group (50-75). The survey quite astonishingly found that majority of the people believed, irrespective of their age, their IoT devices are quite ‘secure’ – even more than, in fact, they actually are.

Old, outdated, or cheap IoT devices are like free lunch for hackers. Old devices are, often, hard to upgrade and lacking in the security aspect. The survey reveals the majority of the poll participants were either ‘somewhat’ or ‘very confident’ about the level of security that their IoT devices provided. Younger participants were likely to be confident about their devices than the elder ones.

Not very surprising given the older generation is usually risk-averse. A part of the survey was dedicated to awareness towards regularly updating drivers or software. 17% of the younger participants said that they either do not update regularly or leave it at the hand of auto-update. The percentage increases to 37 for the older group showing a lack of awareness.

How can it affect your organization?

As stated, organizations are not shying away anymore from utilizing the remote workforce. Teleworking has seen a boom in recent times. But this can pose a serious risk for the security of the business. Experts warn that using an unsecured home network can pose a serious threat to the organization. The NCSA survey furthers this claim.

Experts suggest the role of the Chief Information Security Officer (CISO) would become increasingly important in the coming years for an organization. They would not only need to look after the security of the organization, but also need to train employees. One of their principal responsibilities would be to make the employees aware of the security aspects of working from home.

Segmenting the home network might be a good idea to isolate the office works. Segmentation makes sure the office network stays separate from the home network as much as possible. This way you would be able to thwart any attempt at utilizing your unsafe home IoT devices for getting a hold of the office network.

That being said, segmenting a network is often not worthy of all the hassles for an employee. Businesses can offer access points for their employees when segmentation is not an option. All in all, organizations need to be ready and prepared to take the few extra steps to ensure the safety of their network.

Other useful articles: