The majority of oil and gas businesses face security challenges when deploying internet of things devices, research from Inmarsat found.
The report, published Thursday and titled ‘Industrial IoT in the time of Covid-19’, found that 92 percent of oil and gas businesses believe their IoT projects could be more secure, while 58 percent also believe that poor network security is the biggest challenge associated with IoT projects.
In addition, businesses reported the top IoT security threats were the mishandling or misuse of data by internal employees and external cyberattacks (both listed as the joint number one risk at 52 percent), followed by insecure storage of data (48 percent).
“With nearly four in five of our research respondents reporting their organisation’s IoT security could be more robust, many businesses clearly continue to face serious security challenges in their IoT deployments. The accelerating speed of IoT adoption over the course of the Covid-19 pandemic has brought with it a proliferation of security concerns, given the increasing number of potentially vulnerable endpoints associated with IoT projects,” Mike Carter, president of Inmarsat Enterprise said in a statement.
Compared to 2018, when Inmarsat last surveyed IoT, adoption has accelerated dramatically, increasing the vulnerability of cyberattacks. The firm noted, however, that the oil and gas industry has made significant progress in combating these threats by creating an internal policy on IoT security. Fifty-one percent, just over half, of all firms surveyed now have an internal policy, compared to 42 percent in 2018. Oil and gas firms have also begun hiring more skilled staff and upgrading existing security technologies, the survey found.
“Comparing our latest results with our 2018 IoT survey, security risks are growing, but in response, businesses are becoming more aware of cyber-security threats and doing more to respond,” Carter said.
Organisations which have a formal IoT strategy in place were also found to be more likely to take cybersecurity more seriously. Among the oil and gas companies surveyed, 56 percent of those with a formal strategy were training employees on IoT, compared to only 36 percent of those without.
“Overall, our results reveal it is those organisations with a formal IoT strategy in place, or who enjoy full support for their IoT projects at the boardroom level, lead the way in terms of having the most informed, security-conscious mindsets and taking positive, proactive steps to shore up their cyber-security defences. These organisations tend to best understand the gravity of IoT cyber-security issues, taking essential measures such as introducing internal and external IoT security policies and investing in, or upgrading security technologies,” Carter concluded.
