Back
Cyber Security Training & Software for Companies | MetaCompliance

Products

Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters

Back
Industry

Industries

Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 


Financial Services

Creating A First Line Of Defence For Financial Service Organisations

Governments

A Go-To Security Awareness Solution For Governments

Enterprises

A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives

Back
Resources

Resources

From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

Back
MetaCompliance | Cyber Security Training & Software for Employees

About

With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes

MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

How to Improve IoT Cyber Security

1 4

about the author

Share this post

The global Internet of Things (IoT) market has experienced a significant growth spurt within the last few years. Over 8.4 billion devices are currently in use and this figure is expected to rise to 25 billion by 2020.

The Internet of Things refers to all the physical devices around the world that are now connected to the internet, collecting and sharing data.

IoT devices can include anything from microwaves, baby monitors and smart speakers to large scale manufacturing operations. Many global industries are now adopting IoT technology as a means of improving efficiencies and increasing profits.

However, as the use of these devices has increased, so has the associated IoT Cyber Security risks. The problem with IoT devices is they have very little security, and many lack the ability to be updated which provides cybercriminals with easy access points to exploit.

Hackers will attempt to compromise IoT devices with weak authentication, unpatched firmware or other software vulnerabilities. If these tactics don’t work, they will apply brute force attack using default usernames and passwords.

By 2020, it’s estimated that 25% of all cyber attacks will target IoT devices, and with more industries adopting IoT technologies, we can expect to see a continued rise in these attacks unless manufacturers prioritise the security features of these devices.

Dangers of unsecured IoT devices

How to Improve IoT Cyber Security

Unsecured IoT devices provide an easy way for cybercriminals to infiltrate a network. The infamous Mirai Botnet attack of 2016, demonstrates just how easily these everyday devices can be weaponised by attackers.

The attack remains one of the biggest distributed denial of service (DDoS) attacks in history. Using a malware called Mirai, hackers created a massive botnet of 100,000 IoT devices. The devices included radios, smart TVs, printers and they were all programmed to send requests to Dyn and overwhelm it with traffic.

The attack was hugely disruptive and brought down the websites of over 80 of its customers including Amazon, Netflix, Airbnb, Spotify, Twitter, PayPal, and Reddit. Damage from the attack is reputed to have cost $110 million and despite being contained within one day, over 14,500 domains dropped Dyn’s services in the immediate aftermath of the attack.

However, the compromise of IoT devices is not just limited to DDoS attacks. Hackers are increasingly targeting consumers directly in order to steal their personal data. These devices can stream huge amounts of sensitive data which can help criminals build a detailed picture of their victim. The information can then be used in the careful crafting of a social engineering attack or the criminals can use the data to commit identity fraud.

Securing IoT Devices

How to Improve IoT Cyber Security

The rapid growth of the IoT market has meant that many manufacturers have been focusing more on profits rather than the security of the devices themselves. Cybercriminals have been quick to capitalise on this lapse in security by exploiting vulnerabilities in the devices and using them in coordinated cyber attacks.

This increase in attacks has prompted several governments to take the issue more seriously. California is the first US state to introduce a Cyber Security law regulating IoT devices. The legislation will come into effect on the 1st January 2020 and requires security measures for any device that can connect to the internet and that has an IP or Bluetooth address.

The UK government has also laid out guidelines to make IoT devices safer. The guidelines include secure storage of personal data, regular updates, data encryption, and the use of unique passwords.

The bottom line is that manufacturers need to prioritise security to ensure that the appropriate measures are built into IoT technology from the moment it’s developed. This will help improve consumer trust and reduce the chance of devices being compromised by attackers.

Top Tips to Improve IoT Cyber Security

Consumers can also help improve the security of their devices by taking the following steps:

  • Change default passwords – Manufacturers will automatically assign a username and password to each device, and hackers can easily find these default passwords online. Users should immediately change the default username and password to something more secure.
  • Apply software updates– Smart device firmware like any other type of software can contain vulnerabilities that hackers are able to exploit. Most devices will not have the option of an auto-update so you will need to manually update the software to ensure your devices are protected. Users should also regularly visit the manufacturer’s website to check for firmware updates.
  • Turn on Wireless Network Encryption – Encryption is one of the most effective ways to safeguard network data.
  • Use a firewall – A firewall monitors traffic between an internet connection and devices to detect suspicious behaviour. Even if a device becomes infected, a firewall can help prevent an attacker from gaining access to other devices on the same network.
  • Only use well-known brands –Big name brands will tend to take the security of their products more seriously. They’ll invest more time and money into ensuring security features are incorporated into the manufacturing and design of the product. They will also release software updates on a regular basis to prevent hackers from exploiting vulnerabilities in the device.

Other Articles on Cyber Security Awareness Training You Might Find Interesting

duckduckgo vs google EN

DuckDuckGo vs Google – 5 reasons why you should give up using Google!

You were not aware that DuckDuckGo is a search engine? Well, now you know. Since its founding in 2008, DuckDuckGo has made it its mission to develop a search engine that does not store or share personal data, quite unlike Google. Google’s business model is based less on data protection and more on personalised advertising. Without the storage of personal data, Google would virtually lose the air it breathes. However, Google is still the most used search engine, and there are reasons for that. Google does have one weakness, however, and that is data protection.
Read More »
dataprotection vs informationsecurity EN

Information Security vs Data Protection

Is this an issue for our ISO or our DPO, or is it much the same in either case? Who exactly is responsible for this incident, and is there a need to report it at all? In order to discuss the similarities and differences between information security and data protection, the first step is to define the two areas.
Read More »