Data privacy regulation a top three challenge for IoT adopters.
Fears over security have become less of a concern for organizations adopting IoT solutions than it was five years ago, according to a recent study by Wi-SUN Alliance*.
The Journey to IoT Maturity, a follow-up to Wi-SUN’s ‘state of the nation’ IoT study in 2017, is based on interviews with IT decision makers from UK and US IoT adopters within key industries, including energy and utilities, state and local government, construction, technology, and telecommunications. The clear signal is that IoT is now a bigger IT priority than ever for organizations across all sectors.
Those respondents ranking security as one of their top three challenges when rolling out IoT fell from 58% in 2017 to 24% in 2022, while the proportion of respondents viewing it as a technical challenge also dropped from 65% in 2017 to 42% this year , indicating fewer concerns but still highlighting it as an issue. Companies might be less worried about security, but it is still on their risk list.
Concerns growing over data privacy
While security is becoming less challenging than it used to be, there are growing fears over data privacy issues. Data privacy regulation is the second highest (political, economic or social) challenge for IoT adopters, with 36% placing it in their top three, just behind the need to reprioritise spending due to Covid-19 (37%) and ahead of budget cuts resulting from less revenue during the pandemic (35%).
Fears over big data have also risen over the last five years, with 19% of respondents (up from 11% in 2017) placing it in their top three IoT rollout challenges, and one in four citing regulatory concerns. The introduction of the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and other privacy regulations since Wi-SUN’s 2017 report may be a factor in this growth.
Phil Beecher, President and CEO, Wi-SUN Alliance, comments: “Data privacy concerns have gone up, understandably, with more legislation putting the spotlight on data protection. Since our last study, stricter privacy laws have increased pressure on organizations to protect sensitive data. This includes the GDPR in Europe and various state-level laws in the US.”
“Among our survey respondents, we saw that concerns were higher in the UK, where over half (53%) of organizations include secure data collection in their IoT strategies compared to just a third (34%) in the US. IoT initiatives, such as smart metering, streetlighting and those using environmental, air quality and acoustic sensors, are increasingly generating huge volumes of data, and while this information may be made entirely ‘secure by design’, the risks remain.”
Industry reports suggest a growing number of attacks on IoT devices over the last two years leading to the theft of confidential data and the launch of DDoS attacks. Mirai is one of the most recognized IoT threats dating back to 2016 when it was used to compromise connected devices like routers to launch attacks on websites and networks. It is still used by malware developers to attack vulnerable systems, from manufacturing systems to critical infrastructure.
Wi-SUN’s Phil Beecher adds: “While obstacles remain, organizations will need to continue to overcome both technical and non-technical challenges with the support of the industry, including IoT solutions and device companies. With more than 90% of our respondents recognizing that they must invest in IoT over the next 12 months to remain competitive, failure to navigate these important issues is not an option.”