23 March 2018
| James Pearce
Worldwide spend on security for the Internet of Things is set to top $1.5 billion by the end of 2018, with this figure predicted to double by 2021 according to Gartner.
A recent survey from CEB, now Gartner, found that nearly 20%
of organisations observed at least one IoT-based attack over
the last three years, highlighting a need for increased
security in the sector.
Total spend on IoT security was $1.174 billion in 2017,
according to figures from the analysts, but this is predicted
to rise by 28% in 2018 and continue that upward trend.
"In IoT initiatives, organizations often don't have control
over the source and nature of the software and hardware being
utilized by smart connected devices," said Ruggero Contu,
research director at Gartner.
"We expect to see demand for tools and services aimed at
improving discovery and asset management, software and hardware
security assessment, and penetration testing. In addition,
organizations will look to increase their understanding of the
implications of externalizing network connectivity. These
factors will be the main drivers of spending growth for the
forecast period with spending on IoT security expected to reach
$3.1 billion in 2021."
Despite the steady year-over-year growth in worldwide
spending, the report - titled ""Forecast: IoT Security,
Worldwide, 2018" - predicts that through 2020, the biggest
inhibitor to growth for IoT security will come from a lack of
prioritisation and implementation of security best practices
and tools in IoT initiative planning. This, it adds, could
reduce spend by as much as 80%.
Regulatory compliance is expected to become a key influence
on the uptake of IoT security, Gartner adds. Guidelines aimed
at improving critical infrastructure will compel organisations
to focus on security as the IoT market booms.
"Although IoT security is consistently referred to as a
primary concern, most IoT security implementations have been
planned, deployed and operated at the business-unit level, in
cooperation with some IT departments to ensure the IT portions
affected by the devices are sufficiently addressed," adds
"However, coordination via common architecture or a
consistent security strategy is all but absent, and vendor
product and service selection remains largely ad hoc, based
upon the device provider's alliances with partners or the core
system that the devices are enhancing or replacing."