It’s true that the Internet of Things (IoT) is making a huge impact on our lives, much of it positive. In fact, according to analyst firm Gartner, the worldwide installed base of connected devices is expected to grow 31% this year to reach 8.4 billion.
But our dependency on connectivity has not gone unnoticed by the hacking community. For them, the IoT explosion opens an Aladdin’s cave of new devices that they can bring under their spell and hire out as botnets — also ironically known as zombies — for DDoS attacks or even for cryptomining.
And that’s not all. There are plenty of other freaky things going on.
Kids’ connected toys are collecting their owners’ private data and eavesdropping on their owners. Consider also the possibility of a hacker remotely switching off your connected fridge or air conditioner at the height of summer.
Such is the level of concern that security researchers, civil rights activists, and law makers have issued a wake-up call demanding security solutions to ensure that the use of IoT devices is safe for consumers.
At Allot, we answered that call.
We recently issued a global survey to gauge consumer awareness and concerns relating to the security level of their home IoT devices. The survey set out to present service providers with a unique opportunity to help consumers with their cybersecurity concerns. We asked them where they would go to receive help and whom they would trust; what actions would they take to cyber-secure their homes; and what was their willingness to pay for IoT security services.
The results were enlightening as they present a huge opportunity for ISPs.
Here are just a few of our top takeaways.
Takeaway 1: Consumers are worried.
Half of those consumers whom we polled were concerned about loss of privacy or a cyberattack, while three quarters were aware and concerned about connected toys being able to spy and communicate with their children.
And they are right to be concerned.
Take for example, strangers watching another family’s baby through a baby monitor that was connected to their Wi-Fi router.
Research has found a multitude of devices with extreme vulnerabilities, with the underlying operating systems and firmware of these devices being difficult to update or patch.
Most people configure basic security settings, such as changing default passwords. But that is not enough. This is because most devices suffer from built-in vulnerabilities and are not designed to run any third-party endpoint security software.
Takeaway 2: Consumers are willing to pay for an IoT security service.
72% to be precise.
But perhaps just as interesting, two-thirds of households with up to ten devices are willing to pay an average of $6.90 per month for security services, while 84% of households with more than ten devices are willing to pay an average of $7.90. So, the more devices in the home, the more vulnerable consumers feel, and the more they are willing to pay for peace of mind.
Takeaway 3: ISPs have a unique advantage
We asked respondents whom they would prefer to run and manage their cybersecurity-related services. When offered a choice between four antivirus (AV) security brands—among them, three market leaders — and their current ISP, respondents chose their ISP as the second most popular option. Clearly, this indicates that there is already an awareness among consumers of the advantages in choosing their ISP to provide a broad IoT cybersecurity service.
So, what are those advantages?
For many consumers, cybersecurity has been synonymous with antivirus. But those days are long gone. Your traditional AV solution is fine for programmable devices like laptops, desktops, and tablets, but that won’t work for the headless devices mentioned above. These devices require protection at the network level rather than at the device level.
It is true that cybersecurity vendors are developing home-secure gateway products or software add-ons to routing equipment that deliver IoT security, but that requires consumers to actively research, purchase, install, set up, and maintain their home secure gateways. That is hardly an ideal solution in an age when convenience is considered a clear IoT market driver.
And that’s where ISPs come in.
By simply adding a software agent on the subscriber’s existing Consumer Premise Equipment (CPE), ISPs can easily roll out a network or router-based solution that protects all the consumer’s IoT devices, headless or not.
And then there’s the trust factor.
Given that ISPs already provide Internet services and a host of applications, content, and software, their subscribers already see them as a trusted communication partner whom they can trust. Having nurtured this relationship with their consumers, ISPs can then offer their customers so much more than an off-the-shelf product. Rather than leaving their customers to fend for themselves, ISPs can manage their security giving them peace of mind.
In the race to gain a significant share of the disrupted IoT security market, ISPs aren’t just in pole position. They have a huge head start.
And the Revenue Opportunity? Well that’s a no-brainer.
Considering the average $6.90 extra per month that most households with up to ten devices are willing to pay, we’re talking about almost $3.5 million extra revenue per month for every half a million households.
What’s more, ISPs can deliver their own brand of security to the connected home with considerably less friction in the sales process when compared to an AV vendor. And as customers feel more secure, they’ll adopt more IoT products and services.
If you want to learn more about how ISPs can augment their core connectivity business with IoT security services and disrupt the US$6.5 billion cybersecurity market, download our latest Telco Security Trends report.
