Companies fail to run devices by cybersecurity staff
An unscientific survey released today from the cybersecurity firm Pwnie Express suggests as few as 31% of companies involve their cybersecurity personnel in all device purchases.
Why it matters: Devices can range from medical equipment to manufacturing robots, to internet connected coffee makers. All of them can be involved cyber attacks. A poorly secured internet-connected toaster can provide a foothold for an attacker, while attackers could down a poorly secured industrial system and shut down an assembly line.
By the numbers: In the survey of roughly 600 cybersecurity professionals, only 31% said they were clear "all device purchases had to be cleared with security personnel."
- The majority, 61%, said the opposite, with 8% saying they did not know.
Details: The data was reported in Pwnie Express's annual Internet of Evil Things report. The 600 respondents were not normalized for their companies size or industry — there may, for example, have been too many small health care firms or large automakers — but still provide a rough estimate of the issues in play.