March 15, 2018 By David Bisson 2 min read

Security is the most important consideration for web users in the U.S. when looking to purchase smart home devices, a consumer survey revealed.

According to McAfee’s “New Security Priorities in an Increasingly Connected World,” 36 percent of U.S. internet users said they consider security when shopping for a smart home device, as reported by eMarketer. That’s a higher percentage than those who admitted that they prioritize price (32 percent), ease of use (13 percent) and reviews from other users (8 percent).

Security Priorities Vary by Demographic

Security doesn’t affect all users’ purchasing decisions equally. Broken down by gender, women (38 percent) were more likely than men (33 percent) to consider security when purchasing smart home devices.

Age also plays a role: Users between the ages of 18 and 20 placed the greatest emphasis on security (40 percent), followed by individuals aged 41–50 (38 percent) and those aged 51–55 (37 percent). Consumers between the ages of 21 and 30 are least likely to consider security (34 percent).

Although the majority of users in the U.S. don’t think about security when purchasing smart home devices, they still worry about the security of the devices they do purchase. More than half (63 percent) are concerned about identity theft in the event that someone breaches the connected home’s network.

Even so, 52 percent admitted they don’t know how to secure their smart home apps and devices. As a result, 43 percent of users said they were concerned about their lack of control over companies’ collection and use of their personal information, while just 24 percent said they were confident in their ability to control this data, according to eMarketer.

Protecting Smart Home Devices

Consumers looking to protect their smart home devices from threat actors can reference frameworks such as the Open Web Application Security Project (OWASP)’s “IoT Security Guidance,” which advised users to consider segmenting new IoT devices on a dedicated network.

It also suggested creating strong passwords and enabling two-factor authentication (2FA) on those products. Finally, consumers should avoid entering personal information into IoT devices whenever possible and disable any unused physical ports through each device’s admin interface.

More from

SoaPy: Stealthy enumeration of Active Directory environments through ADWS

10 min read - Introduction Over time, both targeted and large-scale enumeration of Active Directory (AD) environments have become increasingly detected due to modern defensive solutions. During our internship at X-Force Red this past summer, we noticed FalconForce’s SOAPHound was becoming popular for enumerating Active Directory environments. This tool brought a new perspective to Active Directory enumeration by performing collection via Active Directory Web Services (ADWS) instead of directly through Lightweight Directory Access Protocol (LDAP) as other AD enumeration tools had in the past.…

Smoltalk: RCE in open source agents

26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started this project, Hugging Face announced the release of smolagents, a lightweight framework for building AI agents that implements the methodology described in the ReAct paper, emphasizing reasoning through iterative decision-making. Interestingly, smolagents enables agents to reason and act by generating…

4 ways to bring cybersecurity into your community

4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept of a culture of cybersecurity and take it from where it currently stands as an organizational responsibility to a global perspective.When every person who uses technology — for work, personal use and school — views cybersecurity as their responsibility, it…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today