AS HOME AUTOMATION ENTHUSIASTS RUSH to connect digital devices — a video doorbell, a wireless home security kit, a set of Wi-Fi lightbulbs — they are helping build a new ecosystem of convenience, safety and efficiency. That ecosystem is the Internet of Things (IoT), the burgeoning global network of connected “smart” devices. By 2030, the IoT may comprise more than 29 billion internet-connected objects.1
For consumers, these devices already have elevated household conveniences and services to futuristic heights. Think sensor-based home-monitoring and communications systems, energy-efficient automated appliances, always-on virtual assistants and self-driving automobiles.
Each device connected to a network, however, is also an endpoint that criminals can exploit. And research shows they are doing just that: One 2022 survey found that 45% of companies had experienced a data breach caused by an unsecured mobile or IoT device in the past 12 months, up 22% from the previous year.2
But the problems are not just a function of cyber criminals and insecure devices. Many consumers don’t prioritize device security due to a lack of understanding of how risky an insecure device can truly be, and unwittingly open themselves to compromise.
For instance, smartphone users often grant broad access to their device’s location services, camera, microphone, contacts and calendar — without knowing whether these permissions are legitimate and how the data they generate will be secured. By providing this access, users may unintentionally open access to additional data on the device, including sensitive information like system credentials, credit card numbers and contact information for colleagues, clients, friends and family.