Security News > 2022 > March > Where should companies start when it comes to device security?

According to a recent survey conducted by the Ponemon Institute, 59% of embedded product security decision-makers say they've lost revenue due to product security concerns.

Many device manufacturers struggle to prioritize product security without sacrificing production or incurring large costs.

Customers, for their part, are paying attention: According to Ponemon's study, 76% of respondents said their customers rank the importance of device security at least 7 out of 10.

If you're unaware of all the components in your embedded device firmware - like the 70% of Ponemon's respondents who can't create a software bill of materials for their devices - any remaining security efforts will have a significant blind spot.

Hard-coded credentials are often included into devices at the configuration stage, after security testing has already been completed in some companies.

While NIST is expected to unveil a labeling program in 2022 to address IoT security concerns, manufacturers can follow the existing guidance and offer customers a window into their security process to offer peace of mind before that standard becomes law.

News URL

https://www.helpnetsecurity.com/2022/03/31/devices-security/