IoT and AI are more connected and also more vulnerable

More than 50 per cent of companies have already implemented the Internet of Things (IoT, 51 per cent) and Artificial Intelligence (AI, 54 per cent) in their infrastructures. In addition, 33 per cent plan to adopt these interconnected technologies within two years. The figures are from a recent study by security company Kaspersky, which warns of the vulnerability of these technologies to new vectors of cyber attacks, given their wider dissemination.

Most interconnected technologies are not mature enough to be adequately protected. Only 32% of organisations are extremely or well prepared to protect interconnected technologies. Some leaders stated in the survey that their companies are only accepting the basics in terms of securing these technologies.

In the specific case of AI and IoT, respectively, 16% and 17% of organisations consider them to be “very difficult” or “extremely difficult” to protect, while only 8% of AI users and 12% of IoT solution owners believe that their companies are fully protected.

“Interconnected technologies bring immense business opportunities, but they also usher in a new era of vulnerability to severe cyber threats. Faced with the growing volume of data collected and transmitted, cybersecurity measures need to be strengthened,” warns Ivan Vassunov, Kaspersky’s vice president of corporate products. He emphasises that companies must protect critical assets, win the trust of customers in this expanding interconnected landscape and ensure that adequate cybersecurity resources are in place to combat new challenges.

In the survey, 560 senior IT security leaders from North America, Latin America, Europe, the Middle East and Africa, Russia and Asia-Pacific were interviewed. In addition to IoT and AI, other interconnected technologies were evaluated, including Virtual Reality (VR) and Augmented Reality (AR), digital twins, 6G and converged cloud networks, Web 3.0 and data spaces that allow continuous sharing in collaborative environments.

The study noted that the less widespread the implementation of the technologies evaluated, the more difficult it is for companies to protect them, and vice versa. For example, RA/RV and converged cloud networks are the least adopted and most difficult to protect in terms of cyber defence, with 39% and 40% of companies commenting on the difficulty of protection.

Organisations face internal and external challenges in protecting interconnected technologies. The top five challenges cited by respondents were more common and serious cyber incidents (47 per cent), solutions not robust enough (45 per cent), difficulty working with new technologies (45 per cent), difficulty hiring or training specialists (42 per cent) and dependence on older technologies (42 per cent).

Based on the results of the survey, Kaspersky recommends four behaviours for companies to prepare for protecting interconnected technologies:

1. Update cybersecurity solutions and use centralised, automated platforms that allow you to collect and correlate telemetry data from various sources, ensure effective threat detection and provide rapid automated responses. Kaspersky explains that since many AI solutions are developed in containers, it is important to protect the infrastructures they are integrated into so that security problems can be detected at all stages of the application lifecycle, from development to operation.

2. Train and qualify the workforce. Developing a “cyber-aware” culture requires a comprehensive strategy that trains employees, ensuring knowledge that can be put into practice.

3. Follow regulatory rules to avoid legal problems or reputational damage.

4. Adopt security principles from the design phase onwards. By integrating cybersecurity features into all stages of the development lifecycle, organisations can become more resilient against cyber attacks, contributing to the overall security of digital systems.