2020_risk_report

2020 Global IoT Risk Report

A data-driven analysis of IoT vulnerabilities — from insecure networks and unmanaged devices — observed in 1,800+ IoT networks across diverse industries worldwide

Download the report

Learn why IoT networks and unmanaged devices are soft targets for adversaries

Now in its 3rd year, this data-driven analysis of real-world IoT vulnerabilities remains the only one of its kind.

Based on data collected in the past 12 months from 1,821 production IoT networks — across a diverse mix of industries worldwide — the analysis was performed using passive, agentless monitoring with patented deep packet inspection (DPI) and Network Traffic Analysis (NTA).

The data shows that IoT environments continue to be soft targets for adversaries, with security gaps in key areas such as:

  • Outdated operating systems
  • Unencrypted passwords
  • Remotely accessible devices
  • Unseen indicators of threats
  • Direct internet connections
  • No automatic AV updates

But that doesn’t mean nothing can be done. Ruthless prioritization is key. The report lays out a series of 7 practical steps for protecting your organization’s “crown jewel” assets, based on expert recommendations from NIST and INL.

Including data from previous reports, CyberX has now analyzed over 3,000 IoT networks worldwide. Unlike opinion-based surveys, this analysis is based on real-world network traffic and IoT cyber attacks — making it a more accurate representation of the current state of IoT security and IoT security challenges.

Get all the findings and expert recommendations.