How Can Organizations Improve IoT Security?

  • By Natasha Arora
  • 13-06-2025
  • Internet of Things

The Internet of Things (IoT) continues to transform industries by connecting billions of devices, including smart thermostats, industrial robots, medical equipment, and logistics sensors, among other things. Such unprecedented connectivity comes with immense security issues.

Because the number of IoT devices is so high, the risks associated with their adoption are also growing exponentially: 57 per cent of IoT devices are at risk of medium or severe attacks, and the average number of attacks per device per month is 5,200.

For an organisation, IoT security is a vast topic. This article covers what drives the risk, along with best practices, actionable strategies, and the latest statistics. So let’s get started!

The Expanding IoT Threat Landscape

The Internet of Things (IoT) has changed how we live and work, reaching household appliances, security cameras, industrial machinery, and medical equipment.

Yet this fast expansion has also left a huge, vulnerable attack surface open to cybercriminals. Recent years have shown how easily even high-profile IoT devices can be exposed, with high-profile IoT breaches on the rise.

Massive Data Exposures - The Mars Hydro Breach

In early 2025, one of the most alarming examples was a massive IoT data breach that revealed 2.7 billion records tied to either Mars Hydro, a China-based smart grow light manufacturer, or LG-LED Solutions, a California-based registered firm. The exposed database was unprotected and contained Wi-Fi network names, passwords, IP addresses, and device IDs.

With exposure at this level, attackers could get into users’ networks, hijack nearby Wi-Fi, and use other ‘nearest neighbour’ exploits. Immediately after the exposed data was discovered, the companies blocked access to it, but they have yet to detail what happened during the exposure.

IoT Devices as Launchpads for Global Attacks

IoT devices are not only targets for data theft; they are also hijacked and weaponised for large-scale cyberattacks. The infamous Mirai botnet incident is a prime example. In 2016 and again in 2024, attackers scanned the internet for IoT devices with open Telnet ports and default credentials.

Once infected, these devices, which included cameras and routers, were used as part of botnets to launch huge Distributed Denial of Service (DDoS) attacks on major sites and cloud services around the world. In late 2024, the “Matrix” threat actor also exploited this same weakness and built a global botnet that offered DDoS-for-hire services, targeting China and Japan in particular due to their high density of IoT devices.

The Root Causes

  • Default or Weak Passwords - Most IoT devices are shipped with default or weak passwords, which people fail to change.
  • Unpatched Vulnerabilities and Outdated Software - Just like the majority of the Internet, IoT devices run software containing known vulnerabilities and outdated firmware. As a result, attackers, such as those behind the 2024 Matrix and Raptor Train botnets, scan for and exploit these weaknesses to build huge botnets that carry out DDoS attacks.
  • Few Regulatory Requirements - There is limited oversight and few requirements for security measures in almost every IoT device.
  • Insecure Network Services and Traffic - More than half of IoT device traffic is unencrypted, leaving it without protection. In addition, open ports and/or unnecessary services expose devices to attacks.
  • Virus - Malware or backdoors can be embedded during the manufacturing of the device, creating risks before the devices have even reached those who will end up using them.
  • Diversity - Each new device is an additional potential attack point, and managing security across diverse device types and protocols is a complicated task.

Key Challenges in IoT Security

● Weak Authentication - IoT devices do not come with good or strong credentials. For example, the Ring security camera breach allowed hackers to access home cameras and even communicate with users because families reused passwords or did not change default settings. An attacker could easily exploit poor authentication to affect over 30 families.

● Unlimited Connectivity - Your business is open to the world, which also means you have to accommodate connections from all angles. Many organisations see the number of connected IoT devices growing and have a hard time keeping track of them all, that is, until the day a stranger’s device steals all the company's secrets. The absence of visibility makes it possible for unauthorised devices such as broken boards to be slipped into networks undetected.

● Insufficient Skilled Personnel - The increased complexity of IoT landscapes and ecosystems leaves many organisations lacking security expertise. Consequently, the risk of breaches and of slow incident response increases.

Best Practices and Strategies to Improve IoT Security

Strengthen Authentication and Access Controls

  • Strong Authentication - Do not use common or simple passwords on any device. Wherever possible, implement multi-factor authentication (MFA) as an additional layer of security.
  • Unique Device Identities - Assign every device a unique identity along with cryptographic credentials such as X.509 certificates, so that only authorised devices can access the network.

Regular Software and Firmware Updates

  • Device Firmware and Software Update - Establish automatic, secure ways to update the firmware and software on devices, so that vulnerabilities are closed as soon as fixes are released.
  • Unsupported Operating Systems - 21% of IoT devices still run legacy OS versions and therefore receive no security updates.

Encrypt Data and Communications

  • Encryption in Data Transit & Rest - Use strong encryption protocols when data is transmitted from one device to another, from the device to the cloud, or from the device to an on-premises system. This protects sensitive information from interception or tampering.
  • Data Encryption - Encrypt data on devices and in the cloud so that, even if a device is compromised, its data cannot be accessed without the decryption key.

Network Segmentation and Isolation

  • Isolate IoT devices - Place IoT devices on separate network segments, apart from critical business systems and sensitive data. Enforce these boundaries with VLANs and firewalls.
  • Minimise Impact of a Breach - Limit bandwidth and access to only what the IoT devices need in order to operate. This minimises the impact of a breach by reducing the scale of the attack.

Continuous Monitoring and Anomaly Detection

  • Advanced Monitoring Tools - Monitor network traffic to identify anomalies, and alert security teams when suspicious behaviour is detected.
  • Incident Response - Run regular stress tests of your incident response, and make sure all roles and responsibilities are well defined.
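
The segmentation rule above (allow only what each device needs) and the monitoring rule (alert on anything else) can be checked against flow records. The following is an added example, not code from the original article; the subnets, allowlist entries, threshold and flow records are all constructed assumptions.

```python
import ipaddress

# Assumed addressing: the IoT segment is 10.20.0.0/24 (hypothetical).
IOT_SEGMENT = ipaddress.ip_network("10.20.0.0/24")

# Assumed allowlist: the only (destination, port) pairs each device needs to operate.
ALLOWED = {
    "10.20.0.11": [("10.30.0.5/32", 8883)],                         # sensor -> MQTT over TLS
    "10.20.0.12": [("10.30.0.5/32", 8883), ("10.30.0.9/32", 443)],  # camera -> broker, recorder
}
CLEARTEXT_PORTS = {23: "telnet", 2323: "telnet"}
FANOUT_LIMIT = 3  # distinct denied destinations before a device is treated as scanning

# Constructed flow records (source, destination, destination port), not real traffic.
FLOWS = [
    ("10.20.0.11", "10.30.0.5", 8883),
    ("10.20.0.12", "10.30.0.9", 443),
    ("10.20.0.12", "10.10.0.4", 445),     # camera reaching a business file server
    ("10.20.0.13", "198.51.100.7", 23),   # device with no allowlist entry at all
    ("10.20.0.13", "198.51.100.8", 23),
    ("10.20.0.13", "198.51.100.9", 2323),
    ("10.10.0.4", "10.30.0.5", 8883),     # not an IoT source, out of scope
]


def is_allowed(src, dst, port):
    """True if the flow matches an allowlist entry for the source device."""
    dst_ip = ipaddress.ip_address(dst)
    return any(port == p and dst_ip in ipaddress.ip_network(net)
               for net, p in ALLOWED.get(src, []))


def audit_flows(flows):
    """Return (alerts, scanners) for flows that originate in the IoT segment."""
    alerts, denied = [], {}
    for src, dst, port in flows:
        if ipaddress.ip_address(src) not in IOT_SEGMENT or is_allowed(src, dst, port):
            continue
        reason = "cleartext-" + CLEARTEXT_PORTS[port] if port in CLEARTEXT_PORTS else "not-allowlisted"
        alerts.append((src, dst, port, reason))
        denied.setdefault(src, set()).add(dst)
    # A device contacting many denied destinations behaves like an infected scanner.
    scanners = sorted(s for s, dsts in denied.items() if len(dsts) >= FANOUT_LIMIT)
    return alerts, scanners


if __name__ == "__main__":
    for alert in audit_flows(FLOWS)[0]:
        print(alert)
```
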

Device and Supply Chain Visibility

  • IoT Devices - Keep a record of each IoT device's firmware version, configuration, and physical location.
  • Assessment of Supply Chain - Rate and assess vendors and suppliers appropriately, and demand that they adhere to existing security frameworks.
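
An inventory is only useful when it is reconciled against what is actually on the network. The following added example (not from the original article) compares a constructed inventory with constructed discovery results and reports unknown devices, firmware drift, firmware below a minimum patched version, and exposed Telnet; the model names, versions and MAC addresses are hypothetical.

```python
# Constructed inventory keyed by MAC address: the record kept for each device.
INVENTORY = {
    "aa:bb:cc:00:00:01": {"model": "cam-x", "firmware": "2.4.1", "location": "Lobby"},
    "aa:bb:cc:00:00:02": {"model": "thermo-y", "firmware": "1.9.0", "location": "Floor 2"},
    "aa:bb:cc:00:00:03": {"model": "cam-x", "firmware": "2.4.1", "location": "Warehouse"},
}
# Hypothetical minimum patched firmware per model.
MIN_FIRMWARE = {"cam-x": "2.4.0", "thermo-y": "1.9.3"}
# Constructed discovery results: what was actually seen on the network.
OBSERVED = [
    {"mac": "aa:bb:cc:00:00:01", "firmware": "2.4.2", "open_ports": [443]},
    {"mac": "aa:bb:cc:00:00:02", "firmware": "1.9.0", "open_ports": [23, 80]},
    {"mac": "de:ad:be:ef:00:99", "firmware": "0.1", "open_ports": [23]},
]
TELNET_PORT = 23


def version_tuple(version):
    """Turn '1.9.3' into (1, 9, 3) so versions compare numerically, not as text."""
    return tuple(int(part) for part in version.split("."))


def reconcile(inventory, observed, min_firmware):
    """Return a list of (mac, finding) pairs, in discovery order."""
    findings, seen = [], set()
    for dev in observed:
        mac = dev["mac"]
        seen.add(mac)
        record = inventory.get(mac)
        if record is None:
            # Nothing is known about this device, so no further checks apply.
            findings.append((mac, "unknown-device"))
            continue
        if dev["firmware"] != record["firmware"]:
            findings.append((mac, "inventory-drift"))
        if version_tuple(dev["firmware"]) < version_tuple(min_firmware[record["model"]]):
            findings.append((mac, "outdated-firmware"))
        if TELNET_PORT in dev["open_ports"]:
            findings.append((mac, "telnet-exposed"))
    # Devices on record that were not seen may be offline, moved or removed.
    for mac in sorted(set(inventory) - seen):
        findings.append((mac, "missing-from-network"))
    return findings


if __name__ == "__main__":
    for mac, finding in reconcile(INVENTORY, OBSERVED, MIN_FIRMWARE):
        print(mac, finding, INVENTORY.get(mac, {}).get("location", "location unknown"))
```
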

Policy and Regulatory Compliance

  • Adopt Security Frameworks - Follow security standards and practice guidelines, and meet regulatory compliance requirements.
  • Monitor Advisories - Follow regulatory advisories and industry groups’ advice for emerging threats and suggested mitigations.

Employee Training and Security Culture

  • Security Measures and Policies - Put policies in place that would prevent devices from connecting to your networks, set up strict security groups for IoT, provide web filtering or whitelist services for IoT devices, and utilise SSL VPNs.
  • Encourage Vigilance - Build security vigilance across the organisation through a shared commitment to security.

Defense-in-Depth Approach

There is no single security measure that is enough. To reduce their risk of compromise, organisations should layer multiple safeguards, forming what is known as a defence-in-depth strategy.

  • Physical Security - Securing the device locations to prevent tampering.
  • Disabling - Unnecessary services, service ports, and default configurations should be shut down or changed.
  • Regular Testing of APIs - Ensure that APIs used by IoT devices are continually tested for vulnerabilities, encrypted, and authenticated.
  • Forensic Analysis - Keep detailed logs of device access and network activity for forensic analysis.

Future Trends and Investments in IoT Security

With the Internet of Things (IoT) ecosystem forecast to include more than 75 billion devices by the end of 2025, the need for solid security solutions has never been greater. This rapid growth brings both transformative opportunities and higher risks, which encourages organisations and governments to prioritise national investments in next-generation security technologies and frameworks.

AI-Driven Security and Real-Time Threat Detection

Integrating artificial intelligence (AI) into IoT security is probably one of the biggest trends in recent times. Intrusion detection systems (IDS) driven by AI can inspect large streams of device data and find anomalies and threats in real time.

For example, AI-driven security platforms are deployed in smart manufacturing to reduce cybersecurity risk: they continuously monitor robotic assembly lines and flag anomalies immediately, before any significant damage is done to the systems. Forbes states that the market for IoT AI security solutions will total $8.5 billion by 2027.

Edge Computing for Enhanced Security

Because edge computing processes data closer to the source, on the devices themselves, it is reshaping IoT security. In effect, it reduces latency and so lowers the time taken for threat detection.

For instance, in a healthcare context, edge-based security ensures that patient data coming from connected medical devices is analysed and secured locally, limiting the exposure of the data to external threats. According to JLL, the global edge computing market is anticipated to reach $317 billion by 2026.

Blockchain for Device Authentication and Data Integrity

Blockchain is a tamper-proof, decentralised ledger that guarantees the integrity of data exchanges. In smart logistics, blockchain is applied to keep immutable records of sensor data throughout the supply chain, which provides a strong guarantee against data manipulation or device spoofing. By 2030, it is expected that the blockchain market for IoT security will be worth up to $6.2 billion.

Zero Trust Security Models

The ‘zero trust’ approach - ‘never trust, always verify’ - is becoming a standard for the IoT environment. This model requires strict authentication, continuous monitoring, and least privilege access.

For instance, in smart city infrastructure, zero trust ensures that only authorised sensors and controllers can communicate, and hence reduces the risks associated with unauthorised access to critical systems.

Quantum-Resistant Encryption

As quantum computing arises, traditional methods of encryption are due for obsolescence. Quantum-resistant encryption algorithms are starting to be used by high-value IoT deployments, such as defence or energy, as a way to defend against future threats. For now, these algorithms are best suited to industrial-grade devices, but layered security approaches that protect the consumer IoT through quantum-resistant gateways and servers are being developed.

Conclusion

Organisations must protect data through robust authentication, end-to-end encryption, and regular firmware updates. Segmenting the network, monitoring continuously, and controlling who can access what are paramount to preventing breaches. Keeping visibility on all of your devices, while building a security-aware culture, also reduces your exposure. Adherence to the relevant regulations and investment in AI-based threat detection will surely be essential. The best way to secure an IoT ecosystem for businesses is to implement a defence-in-depth and proactive strategy with experts like Qualysec Technologies!