• >
  • Africa
  • >
  • Security
  • >
  • In 2018, weak authentication the leading cause of IoT security breaches - Gartner
Read time: 3 minutes

In 2018, weak authentication the leading cause of IoT security breaches - Gartner

By , ITWeb
Africa , 21 Aug 2017

In 2018, weak authentication the leading cause of IoT security breaches - Gartner

According to Gartner's 2016 Middle East and North Africa (MENA) report, by year-end 2018, over 50% of IoT device manufacturers will remain unable to address product threats emanating from weak authentication practices. Virtually 99.9% of attacks will be based on product vulnerabilities that were known for at least a year.

The report claims 30% of large enterprises will increase their security consulting services spending as they transition into digital businesses by 2019.

Greg Young, research vice president at Gartner said, "Enterprises in MENA are the targets of some of the world's most advanced attacks, as well as the highest rate of attacks. Organisations are trying to increase detection, blocking, and advanced defences while faced with limited availability of the security workforce."

Serianu's Africa Cyber Security Report 2016, African countries lost at least US$2 billion to cybercrime in 2016. In East Africa, Kenya recorded the highest loss (US$171 million), Tanzania lost US$85 million while Ugandan companies lost US$35 million.

The Report states that as more African governments and companies move to digitisation and connect to the internet, the potential of cyberattacks has risen across the continent.

"Unfortunately, a typical mid-sized business in Africa will have at least one or two systems exposed to the internet with little or no security to detect or prevent an attack. Such systems will have default passwords creating vulnerabilities that internal technology or ICT support are not aware of," reads an excerpt from the Report.

Increasing security spending

Worldwide information security spending will grow 7% to reach US$86.4 billion in 2017, according to Gartner.

In terms of infrastructure protection, the global market research and analysis firm predicts fast growth within the security testing market (albeit from a small base) driven by continued data breaches and growing demands for application security testing as part of DevOps.

Sid Deshpande, principal research analyst at Gartner, said, "Rising awareness among CEOs and boards of directors about the business impact of security incidents and an evolving regulatory landscape have led to continued spending on security products and services."

Gartner's MENA report noted that "increased awareness about the business impact of security incidents is causing organisations to focus their security strategy on detection and response approaches, which is driving this strong growth in the security market."

The company adds that spending on emerging application security testing tools, particularly interactive application security testing, will contribute to the growth of this segment through 2021.

"Security services will continue to be the fastest growing segment, especially IT outsourcing, consulting and implementation services. However, hardware support services will see growth slowing, due to the adoption of virtual appliances, public cloud and Software as a Service (SaaS) editions of security solutions, which reduces the need for attached hardware support overall."

However, Deshpande says improving security is not just about spending on new technologies.

"As seen in the recent spate of global security incidents, doing the basics right has never been more important. Organisations can improve their security posture significantly just by addressing basic security and risk related hygiene elements like threat centric vulnerability management, centralised log management, internal network segmentation, backups and system hardening."

The analysis company says the EU General Data Protection Regulation (GDPR) has created renewed interest and will drive 65% of data loss prevention buying decisions today through 2018.

Gartner notes that by 2020, 40% of all managed security service (MSS) contracts will be bundled with other security services and broader IT outsourcing (ITO) projects, up from 20% today.

Read more
Daily newsletter