ISACAS 2015 IT RISK/REWARD BAROMETER: A GLOBAL LOOK AT IOT SECURITY October 2015 SURVEY COMPONENTS 2 Two survey components: IT/business perspective: A global survey of more than 7,000 business & IT professionals who are members of ISACA Consumer perspectiveA separate five-country survey of nearly 5,400 consumers (Australia, India, Mexico, UK, US) ABOUT THE 2015 RISK/REWARD BAROMETER 3 The Internet of Things paints a vision of a seamlessly connected worldwhere interconnected devices collect and share our most practical data to improve the functionality of products, the efficiency of homes and workplaces, the infrastructures of cities, and, fundamentally, the overall integration of our lives. But there are also hidden, or lesser-known, risks. These risks stand between consumers and the utopia where devices talk to each other in reliable and meaningful ways. ISACAs 2015 IT Risk/Reward Barometer explores tradeoffs and recommendations that consumers and organizations must consider for their cyber lives. ISACA also looks at the business and IT implications for enterprises, whose duty to safeguard the data they collect is now under even more intense scrutiny. 4 BUSINESS/IT PERSPECTIVE CONSUMER PERSPECTIVE 5 ARE CONSUMERS TOO CONFIDENT ABOUT IOT SECURITY? 6 Consumers may feel over-confident about IoT security. IT and cyber security professionals are much less confident about it. According to the consumer segment of the survey, 64% are confident they can control the security on the Internet of Things (IoT) devices they own. Yet, according to more than 7,000 global IT and cyber security professionals who are members of ISACA, only 21% share this confidence and 70% say IoT device manufacturers are not implementing sufficient security measures. ISACAs consumer research also suggests that consumers are likely to value businesses that can demonstrate their expertise in and commitment to cyber security best practices: globally, the majority percentage of consumers say it is important that data security professionals hold a cyber security certification if they work at organizations with access to the consumers personal information. BUSINESS AND IT IMPLICATIONS 7 Organizations and their IT departments need to adapt their strategies to account for the risk and reward represented by the Internet of Things. ISACA experts offer the following recommendations. Ways for enterprises to maintain a cyber-secure workplace: Safely embrace Internet of Things devices in the workplace to keep competitive advantage Ensure all workplace devices owned by organization are updated regularly with security upgrades. Require all devices be wirelessly connected through the workplace guest network, rather than internal network Provide cybersecurity training for all employees to demonstrate their awareness of best practices of cybersecurity and the different types of cyberattacks Ensure that IT and security professionals are CSX-certified For more info: