The first real step enterprises must take to secure their cellular IoT investments is to set a definitive IoT security budget. But this process is easier said than done. For one thing, landing on a concrete budget requires cross-enterprise collaboration among stakeholders, research, and frequent discussion on how to approach cellular IoT security. Oftentimes, organizations lump their cellular IoT security in with their overall IT cybersecurity budgets and solutions. However, enterprises should view cellular IoT security needs separately from their overall IT security, developing separate budgets and working with cellular IoT cybersecurity partners.
Aeris recently collaborated with ABI Research to dive into this complex undertaking, surveying 150 European and North American organizations about the ins and outs of their cellular IoT security spending. The subsequent results provided insights that are summarized below into how companies approach cellular IoT security spending.
Yearly IoT Security Budgets
One of the main parts of the research focused on the size of respondents’ yearly cellular IoT security budgets. The answers ranged from as little as $50,000 all the way up to $5 million, showing the sheer difference in IoT security spending (and prioritization) for enterprises.
Exactly half of respondents reported spending between $100,000 and $250,000. Meanwhile, 23% allocate between $250,000 and $500,000, and five percent have budgets between $1 million and $5 million. A mere 2% of respondents maintain IoT security budgets over $5 million.
IoT Security Budget Allocations
The survey also asked respondents how important their IoT budget security allocations were across the different levels of their connected device programs – stretching from hardware to the cloud. This portion of the research shows where monetary resources are being placed across a cellular IoT program – and how enterprises view each level’s importance.
By far, the most popular answer was hardware, with 45% of respondents saying secure hardware is “very important” and 42% saying it’s “important.” Network security is also a priority for respondents, with 40% rating it “very important” and 48% viewing it as “important.” Host security is also a major focus for enterprises, with 40% of respondents rating its security as “very important,” and 38% indicating it is “important.”
IoT Security Budget Splits
The research also gives a look at how security budgets were split among the device, network, and cloud levels by attendees. This portion of the survey literally shows where enterprises are investing monetary resources, and which parts of their cellular IoT implements they are protecting the most.
Leading the pack is the cloud level, which has an average allocation of 43.6%. The device-level received the next highest amount of security budget split, with respondents spending an average of 33.1% of their IoT security budgets at this level. Finally, the network level received an average of only 23.3% of IoT budgets. While the network level receives smaller allocations of cellular IoT cybersecurity budgets, it is the most important level where organizations should spend their budgets. The network level is where all traffic – malicious or otherwise – flows through a cellular IoT implementation. Enterprises should take the necessary steps to adequately secure this level is protected to strengthen their overall security posture.
