Improving Security Solutions Could Grow the Internet of Things Cybersecurity Market by $9-$11 Billion
New Bain & Company research identifies four steps IoT device vendors can take to address security concerns that are holding back further growth in this market
NEW YORK, May 30, 2018 (GLOBE NEWSWIRE) -- Security concerns are a significant roadblock to investment in the Internet of Things (IoT). According to a new Bain & Company report, Cybersecurity is the Key to Unlocking Demand in IoT , 45 percent of IoT buyers say concerns about security remain a significant barrier and are hindering the adoption of IoT devices.
If vendors could provide better security, enterprise customers surveyed say they would be willing to buy, on average, at least 70 percent more IoT devices. In addition, 93 percent of executives said they would pay more for devices with better security - about 22 percent more on average. Taken together, Bain & Company estimates that improving security solutions for these devices could grow the IoT cybersecurity market by $9-$11 billion. For IoT device vendors - companies that make IoT devices as well as those that provide related solutions - the message is clear: improve security to gain a competitive edge and grow your market.
These are among Bain & Company's findings over the last three years and new, recently completed research on IoT security.
"We expect growth in the markets that comprise the IoT to continue full steam ahead, but issues around security concerns could derail that progress," said Ann Bosche, a partner in Bain & Company's Telcom, Media and Technology Practice. "Enterprise customers are moving cautiously until they can gain some reasonable assurance of the security of their data and operations, which increasingly rely on devices, sensors and the Internet of Things."
The Bain & Company survey found most executives (60 percent) said they were very concerned about the risks IoT devices pose to their companies - not surprising, given the damage that an IoT security breach can cause to operations, revenues and safety.
In determining solutions to guard against attacks, IoT device vendors can segment their target customers by levels of cybersecurity capability maturity. The research finds that customers at the least-advanced end of the spectrum are more likely to seek out simplified and integrated security solutions, whereas those with more advanced capabilities prefer to invest in best-of-breed or customized point solutions.
Further, across segments, nearly all executives - 90 percent - said that IoT devices pose a moderate or significant risk to their organizations, and executives in companies with greater cybersecurity sophistication see more risk than those in less sophisticated companies.
The research also found that executives in some industries see themselves at greater risk than others. Those in durable goods, building and construction, energy and utilities, financial services, and technology were most likely to express a significant level of concern.
In response to these risks, executives who manage security said that, as customers, they want solutions that are highly effective, easy to integrate, and flexible to deploy.
Companies take a range of approaches to meet their security needs, based on their capabilities and the availability of marketplace solutions from vendors. Only about a third of IoT cybersecurity solutions used today are from IoT device vendors, indicating that vendors are either not offering holistic, high quality, solutions that meet consumer needs or they are not promoting them well enough. Bain & Company found that companies with the most advanced cybersecurity capabilities rely more on internally developed security solutions, not only because they may have more complex needs but because they are more likely to have the talent and capabilities to develop their own solutions. Companies with ad hoc security capabilities have the most gaps across all IoT layers tested.
The research also looked at how companies deploy solutions by layer of security and found ample opportunity for IoT device vendors at every layer of the stack. The access interface layer has the greatest level of protection, whether developed internally or provided by a manufacturer or third party. Other layers of the stack were protected by more internal solutions - or, in some cases, none at all. Customers' preference for internal solutions may be partially explained by considering the specific conditions of each layer. For example, data security solutions typically require more computing and power resources than are currently available on basic IoT devices.
"Most enterprises want a cohesive set of tools and a unified overview of the security posture of their devices, but few IoT device makers understand their customers' operations well enough to provide that kind of solution," said Syed Ali, a cybersecurity expert in Bain & Company's IT Practice. "Lacking well-designed IoT cybersecurity products and services, customers are devising their own solutions, foregoing them altogether, or failing to implement IOT solutions until vendors can fill the gap."
All IoT device vendors will need to pay more attention to security in the design, development and deployment of devices. Four steps can help executives frame their task:
Understand how customers are using devices. Staying current by refreshing their understanding of customer use cases every 12 to 18 months will allow them to stay on top of evolving security requirements, and help identify unmet needs. Ascertaining the average cybersecurity maturity level of their customers will help manufacturers invest in the right out-of-the-box and add-on solutions.
Provide cybersecurity capabilities on the device and, where possible, partner with trusted cybersecurity vendors to provide additional solutions. Engineering teams should embed secure development practices in the software and hardware components of the device, and provide inherent solutions for the access interface, apps, data and device layers. Taking these measures can mitigate common vulnerabilities in IoT devices today such as default or embedded passwords, lack of data security for credentials and network communications, and weak safeguards for ensuring system integrity.
Meet quality assurance thresholds and be able to certify that their IoT devices are free from known vulnerabilities. This would mitigate a major pain point for customers who sometimes install new devices without realizing they contain vulnerabilities. Deploying a more methodical process to identify and remove vulnerabilities across layers or engaging third-party vulnerability scanning and or penetration test firms can help manufacturers meet this bar.
- Fulfill their obligations during the warranty period by continuously testing for new vulnerabilities, providing software and firmware updates, as well as feature and functionality upgrades for out-of-box and aftermarket solutions. Delivering updates to firmware, operating systems and applications in response to newly discovered security vulnerabilities should remain a top priority through the warranty period.
"IoT device vendors and ecosystem players that move quickly to improve the security around IoT devices are likely to reap rewards not only from their ability to earn a premium, but also from an expanded market," said Frank Ford, a partner in Bain & Company's IT Practice. "These four steps are a start, though by no means, the whole of what it will take to begin to address the security concerns that are holding back growth of the IoT."
Editor's Note: To arrange an interview, contact Dan Pinkney at firstname.lastname@example.org or +1 646 562 8102
About Bain & Company
Bain & Company is the management consulting firm that the world's business leaders come to when they want results. Bain advises clients on strategy, operations, information technology, organization, private equity, digital transformation and strategy, and mergers and acquisition, developing practical insights that clients act on and transferring skills that make change stick. The firm aligns its incentives with clients by linking its fees to their results. Bain clients have outperformed the stock market 4 to 1. Founded in 1973, Bain has 55 offices in 36 countries, and its deep expertise and client roster cross every industry and economic sector. For more information visit: www.bain.com. Follow us on Twitter @BainAlerts.
Bain & Company
Tel: +1 646 562 8102
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Bain & Company via Globenewswire
Subscribe to releases from GlobeNewswire
Subscribe to all the latest releases from GlobeNewswire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from GlobeNewswire
Karolinska Development delays publication of its Annual Report for 2018 and changes date for the Annual General Meeting26.4.2019 08:00:00 CEST | Press release
STOCKHOLM, SWEDEN - 26 April 2019. Karolinska Development AB (Nasdaq Stockholm: KDEV) announces today that The Board of Directors has decided to delay the publication of its Annual Report for 2018. Karolinska Development has changed the date for the Annual General Meeting to June 26, 2019. The date for publication of the Annual Report for 2018 has been changed from April 26 to April 30, 2019. Karolinska Development has changed the date for the Annual General Meeting from June 4 to June 26, 2019. Notice to the Annual General Meeting will be published in a separate press release. For more information, please contact: Viktor Drvota, CEO, Karolinska Development AB Phone: +46 73 982 52 02, e-mail: email@example.com Fredrik Järrsten, CFO, Karolinska Development AB Phone: +46 70 496 46 28, e-mail: firstname.lastname@example.org TO THE EDITORS About Karolinska Development AB Karolinska Development AB (Nasdaq Stockholm: KDEV) is a Nordic life sciences investmen
Karolinska Development senarelägger publicering av årsredovisningen för 2018 och meddelar nytt datum för årsstämma26.4.2019 08:00:00 CEST | Pressmeddelande
STOCKHOLM, SVERIGE - 26 april 2019. Karolinska Development AB (Nasdaq Stockholm: KDEV) meddelar idag att styrelsen har beslutat att senarelägga publiceringen av årsredovisningen för 2018. Karolinska Development har ändrat datum för årsstämman till den 26 juni 2019. Publiceringen av årsredovisningen för 2018 flyttas från den 26 april till den 30 april 2019. Karolinska Development har ändrat datum för årsstämman från den 4 juni till den 26 juni 2019. Kallelse till årsstämman kommer att publiceras senare i ett separat pressmeddelande. För ytterligare information, vänligen kontakta: Viktor Drvota, vd, Karolinska Development AB Tel: +46 73 982 52 02, e-mail: email@example.com Fredrik Järrsten, finanschef, Karolinska Development AB Tel: +46 70 496 46 28, e-mail: firstname.lastname@example.org TILL REDAKTÖRERNA Om Karolinska Development AB Karolinska Development AB (Nasdaq Stockholm: KDEV) är ett nordiskt investmentbolag inom life science. Bolaget fokuserar p
Karolinska Developments portföljbolag Aprea Therapeutics har fått särläkemedelsstatus och snabbspårstatus från FDA för APR-24616.4.2019 12:46:00 CEST | Pressmeddelande
STOCKHOLM, SVERIGE - 16 april 2019. Karolinska Development AB meddelar idag att portföljbolaget Aprea Therapeutics har av FDA fått särläkemedelsstatus för APR-246 för behandling av patienter med TP53-muterad myelodysplastiskt syndrom (MDS). Dessutom ger FDA bolaget snabbspårstatus (Fast Track Designation), för APR-246 för behandling av MDS. Amerikanska läkemedelsverket, FDA, ger särläkemedelsstatus till läkemedelskandidater för att snabba på utvärderingen och utvecklingen av säkra och effektiva behandlingar av ovanliga sjukdomar. Särläkemedelsstatus ger företag både regulatoriska och kommersiella incitament genom att läkemedlet får marknadsexklusivitet på den amerikanska marknaden i sju år efter marknadsgodkännande samtidigt som företaget får stöd från FDA när det gäller designen av kliniska prövningar, skatteförmåner för kostnader kopplade till kliniska prövningar och avgiftsbefrielse från FDA. FDA:s snabbspår underlättar utvecklingen av läkemedel som är avsedda för att behandla allva
Karolinska Development's portfolio company Aprea Therapeutics has received FDA Orphan Drug Designation and Fast Track Designation for APR-24616.4.2019 12:46:00 CEST | Press release
STOCKHOLM, April 16, 2019. Karolinska Development's portfolio company Aprea Therapeutics has from FDA received an Orphan Drug Designation for APR-246 for the treatment of patients with Myelodysplastic Syndromes (MDS) having a TP53 mutation. In addition, FDA has also granted Fast Track Designation to APR-246 for treatment of MDS. Orphan Drug Designation is granted by the FDA Office of Orphan Products Development to advance the evaluation and development of safe and effective therapies for the treatment of rare diseases. The designation can provide development and commercial incentives for designated compounds and medicines, including eligibility for a seven-year period of market exclusivity in the U.S. after product approval, FDA assistance in clinical trial design, tax credits related to clinical trial expenses, and an exemption from FDA user fees. The FDA's Fast Track program facilitates the development of drugs intended to treat serious conditions and that have the potential to addre
Bergman & Beving AB: Bergman & Beving förvärvar KGC10.4.2019 14:00:00 CEST | Pressmeddelande
Pressmeddelande Bergman & Beving förvärvar KGC Bergman & Beving har idag tecknat avtal om förvärv av samtliga aktier i KGC Verktyg & Maskiner AB. KGC, med säte i Älvsjö, har i mer än 60 år utvecklat och levererat kvalitetsverktyg och tillbehör för murning och plattsättning i det egna varumärket KGC. Bolaget omsätter cirka 80 MSEK per år, och har 24 anställda. "KGC är ett ledande varumärke med högt anseende hos murare och plattsättare och har en mycket stark ställning på den svenska marknaden", säger Pontus Boman, VD och koncernchef. Tillträde beräknas ske den 1 maj 2019 och förvärvet bedöms ha en marginellt positiv påverkan på Bergman & Bevings resultat per aktie under innevarande räkenskapsår. Stockholm den 10 april 2019 Bergman & Beving AB (publ) För ytterligare information kontakta: Pontus Boman, VD & Koncernchef, telefon 010-454 77 00 Peter Schön, CFO, telefon 070-339 89 99 Denna information lämnades, genom ovanstående kontaktpersoners försorg, för offentliggörande den 10 april 201
Bergman & Beving AB: Bergman & Beving acquires KGC10.4.2019 14:00:00 CEST | Press release
Press release Bergman & Beving acquires KGC Bergman & Beving has today signed an agreement to acquire all shares in KGC Verktyg & Maskiner AB. KGC, based in Älvsjö, has for more than 60 years developed and delivered quality tools and accessories for bricklayers and tilers in its own brand KGC. The business has a turnover of approximately SEK 80 million per year, and has 24 employees. "KGC is a leading brand with high reputation among bricklayers and tilers and has a very strong position in the Swedish market," says Pontus Boman, President and CEO. The closing is taking effect on 1 May 2019 and the acquisition is expected to have a marginal positive impact on Bergman & Beving's earnings per share during the current fiscal year. Stockholm, 10 April 2019 Bergman & Beving AB (publ) For further information, please contact: Pontus Boman, President & CEO, Tel: +46 10 454 77 00 Peter Schön, CFO, Tel: +46 70 339 89 99 The information was submitted for publication, through the agency of the cont
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.Visit our pressroom