The proliferation of IoT devices ranks as the biggest blind spot for organizations today, a recent survey shows, and researchers predict the number of connected devices will increase 500% by the year 2020.
“This explosion in connected endpoints combined with the opening up of business networks has increased the number of attack surfaces, with many attacks being aimed directly at mobile devices,” the report shows. “Some 74% of organizations claim to have dealt with mobile-specific malware in the last 12 months alone.”
The number of devices per user has grown from one a decade ago to 3.5 in 2015 — a 350% increase in the size of the attack surface purely from device growth.
The study indicates that almost 90% of organizations now have a bring your own device (BYOD) policy that permits workers to use personal devices in the workplace. This loss of control over the endpoint has made it increasingly difficult for enterprises to have a consistent endpoint solution, authors of the study say.
Research estimates that 80% of breaches originate inside the business and not through the perimeter, resulting from malware on consumer devices, propagated through email or even from users clicking on phishing sites. Sometimes the malware can remain dormant for months and gain intelligence before attacking. The study also shows that 48% of organizations claim that a single mobile incident costs their company at least $100,000.
The survey was conducted by ZK Research, a division of Kerravala Consulting, in April 2016.