The massive growth of Internet of Things (IoT) devices over the next one to three years should give us pause. As companies rush to get to market first, are we seeing a “dumbing down” of basic device principals that we have been working with for years, particularly enhanced security and privacy. With so many distinct applications, device scope and diversity represent a unique security challenge that so far has not been met.
I estimate that 85 percent or more of current IoT devices deployed in the real world do not have adequate security installed, and it’s likely that the vast majority of those will never be upgraded (or are not even capable of being upgraded). That means not only do current devices being installed pose a risk, but over the next one to two years, the vast majority of devices that will be deployed also pose a risk.
Source: NW Security 1