Cyber-attacks have been continuously breaching security rules in IoT. In a recent survey conducted, it was found that 97% of the respondents believed that unsecured IoT devices can be harmful for their organizations, while only 29% actively monitored the systems for any 3rd party breach. Where organizations are failing is they understand the adoption of IoT and are able to scale well, but fail to understand the risks posed by such systems in their networks. Lack of clear accountability when it comes to third-party IoT risk management is another big issues that remains unattended
The research that was conducted on more than 600 respondents revealed the fact that about 38% believe that no one in their organization is responsible for reviewing the risk-management policies of third-party vendors. The biggest challenges with respect to IoT Risk Management Practices consist of the fact that 49% do not keep inventory of IoT devices and 56% do not keep inventory of IoT applications. More than 53% of the respondents depend on contractual agreements with external 3rd party risk management vendors. Another alarming fact that came out is that only 29% actively monitor 3rd party IoT risks. There is a clear gap in educating the employees about the risks of leaving IoT open in the network and not taking care of it.