It is estimated that 30 billion connected devices will be in use by 2020 and 65 per cent of Australian consumers are confident they can control the security of the Internet of Things (IoT) devices they own. However, only 19 per cent of Australian IT professionals feel the same way.
Findings from the annual IT Risk/Reward Barometer conducted by the global association of security, risk and governance professionals, ISACA, found high discrepancies between the opinions of consumers and IT professionals about the security of IoT connected devices.
Results were based on online polling of 7016 ISACA members among 140 countries, and additional online surveys among consumers in the US (1227 respondents), the UK (1025 respondents), Australia (1060 respondents), India (1027 respondents) and Mexico (1057 respondents).
According to the study, increased consumer ownership of connected devices brought increased vulnerability, in Australia (63 per cent), the UK (63 per cent), the US (85 per cent), Mexico (80 per cent) and India (76 per cent).
However, results reflected that despite feeling vulnerable about security, survey findings indicated respondents as confident in controlling the security of their personal IoT devices; 65 per cent in Australia; 64 per cent in the US; 82 per cent in Mexico and India and 66 per cent in the UK.
Across all countries, credit card numbers, national identification numbers such as social security numbers, passwords and personal emails were among the highest concerns.
According the study, IT professionals find consumer confidence in the security of their connected devices misguided. Of those surveyed, 63 per cent of IT professionals were not confident in controlling who could have potential access to their information collected by IoT devices at home. This is nearly the same percentage of consumers in Australia, the US and the UK who indicated high confidence in security control.
In the workplace, 63 per cent of IT professionals reported feeling that the IoT will result in decreased employee privacy and 73 per cent considered hacking via an IoT device to be a medium to high risk.
Data leakage was seen as the most significant enterprise security concern related to the IoT and a further 73 per cent did not believe the security standards in the IT industry sufficiently addressed concerns of IoT.