Home users overestimate IoT security, survey data shows

Newly released data from a survey conducted by the National Cyber Security Alliance (NCSA) in the US reveals how much employees tend to overestimate the security of their Internet of Things (IoT) devices at home.

Since being forced to adapt to a ‘new normal’, a substantial number of home networks are not being used for work-related purposes.

Experts have warned that this is a substantial business risk.

A total of 1,000 adults were polled in the survey, with 500 falling in the 18-34 age group and 500 in the 50-75 age group.

The results show that the vast majority of both groups believed in the security of their IoT devices.

It is widely known that IoT devices (particularly those that are old, cheap and difficult to upgrade) are sitting ducks for cyber-attacks.

Still, 87% of the younger group and 77% of the older group said that they were either “somewhat” or “very confident” in their security.

Furthermore, it was found that 17% of the younger and 37% of the older group did not install updates regularly.

They claimed that this takes place either every two to three months or if there is an auto-update.

Instead of businesses issuing company computers for remote workers to use, as would be correct from a cyber security perspective, many of the employees are using their own devices, meaning that the frequency of updates remains in their own hands.

Sylvia Layton, chief operating officer at the NCSA, advises CISOs to better educate their employees about the pitfalls of remote work.

Dmitriy Ayrapetov from office security vendor SonicWall has suggested that remote workers could segment their home networks for the purposes of isolating office computing.

This should be sufficient to prevent hackers from leveraging an IoT foothold, though this may prove to be either too complex or too much of a hassle for employees to execute.

Ayrapetov said that giving employees access points they can use is another suitable alternative.