ISACA Survey: Wide Gap between Australian Consumers and Global IT Professionals on IoT Security

SYDNEY–(BUSINESS WIRE)–Is the Internet of Things safe? A new survey from global cybersecurity
association ISACA suggests a major confidence gap about the security of
connected devices between the average consumer and cybersecurity and
information technology professionals.

According to the consumer segment of ISACA’s 2015
IT Risk/Reward Barometer
, 65 per cent of Australian consumers are
confident they can control the security on the Internet of Things (IoT)
devices they own. Yet according to 7,016 global IT and cybersecurity
professionals who responded to a parallel survey, only 22 per cent feel
this same confidence about controlling who has access to information
collected by IoT devices in their homes. This number (19 per cent) is
even lower among Australian IT professionals. Globally, 72 per cent of
IT and cybersecurity professionals say manufacturers are not
implementing sufficient security in IoT devices.

More than 80% of Australian consumers consider themselves somewhat or
very knowledgeable about the IoT and the average estimated number of IoT
devices in their home is six. Smart TVs, fitness trackers and smart
watches are the most wanted devices to purchase in the next 12 months.

The Hidden IoT

ISACA’s survey of IT and cybersecurity professionals depicts an IoT that
flies below the radar of many IT organisations – an invisible risk that
is underestimated and under-secured. Among the Australian respondents:

  • 61 percent believe their IT department is not aware of all of their
    organisation’s connected devices (e.g., connected thermostats, TVs,
    fire alarms, cars)
  • 72 percent estimate the likelihood of an organisation being hacked
    through an IoT device is medium or high
  • 57 percent think that the increasing use of IoT devices in the
    workplace has decreased employee privacy

“In the hidden IoT, also invisible are the countless entry points that
cyber attackers can use to access personal information and corporate
data,” said Christos Dimitriadis, Ph.D., CISA, CISM, CRISC,
international president, ISACA, and group director of information
security, INTRALOT. “The rapid spread of connected devices is outpacing
an organisation’s ability to manage and safeguard company and employee

ISACA’s consumer research suggests that Australian consumers are likely
to value businesses that demonstrate their expertise in cybersecurity
best practices: 93 per cent of Australian consumers say it is important
that data security professionals hold a cybersecurity certification if
they work at organisations with access to the consumers’ personal

ISACA established Cybersecurity
(CSX) to help organisations develop their cybersecurity
workforce and help individuals advance their cybersecurity careers.
Details on CSX
conference and the new CSX

ISACA’s annual Risk/Reward Barometer polls thousands of IT and
cybersecurity professionals and consumers worldwide to uncover attitudes
and behaviors, and the trade-offs people make to balance risk and
reward. Results:

is a global nonprofit association of 140,000 professionals in 180


Brooke Davie, +61 8235 7600
Fenwick, +61 468 901 655