In the PC world, security issues are generally well understood and often even addressed by the masses. It’s a different story in the M2M and embedded market. Recognition of security risks and the number of steps taken to address security vary across each level of the embedded ecosystem - by industry, manufacturer, component supplier, and end user.
The potential impact of consumer device security failures extends across the Internet of Things ecosystem - far beyond traditional mobile and consumer devices. Thankfully, the general public appears to be catching on. Results from our consumer survey confirm that a growing number of people are recognizing the potential security issues that come with their increasingly connected lifestyles.
We asked device purchasers and users how concerned they were with security for each type of device they personally bought, were planning to buy, or were operating regularly. Some of these devices are a large part of peoples’ lives already today, like ATMs and smartphones, while others like connected cars that are not yet widely used are an almost unavoidable consequence of a device class’s continued evolution.
Although it is probably no surprise that ATMs are rated highest for security concerns since they are directly pinned to personal finances, no connected device class was immune to consumer concerns. While the relative perception of risk varies rather dramatically across the device classes shown on this chart, one thing is glaring clear and consistent – there is both a recognized need and a growing demand for more secure consumer devices.
One of the biggest challenges facing the industry, however, is that although there is a general recognition of risk in some of these emerging consumer device classes, most consumers don’t yet have firsthand experience with hacks of this type. So people are going to be much more concerned with those devices with which they already have a lot of experience, like smartphones and ATMs. Connected cars and home medical equipment, however, are relatively new. Meanwhile, the consequences of failure for those devices can be much more dire.
Overall, there also hasn’t been as much reported change in any of the consumer device usage patterns as you might expect, given the recognition of risk. It’s almost as if many consumers want to reduce their exposure to risk, but have accepted the fact they are playing Russian roulette in the short term. The frequency and magnitude of consumer device security failures will only continue to increase over the coming years, however. Not only will consumers expect a higher level of security built into their devices, but they will need (and finally demand) new classes of post-deployment security augmentation solutions.