New Northern.tech Report Reveals Critical Gaps in IoT Device Lifecycle Management Necessary for OEMs to Ensure Cybersecurity and Compliance

The 2025 State of Industrial IoT Device Lifecycle Management highlights top challenges OEMs must overcome to succeed in a software-first world

PALO ALTO, Calif., May 1, 2025 /PRNewswire/ -- Northern.tech, the leader in device lifecycle management, today released its inaugural State of Industrial IoT Device Lifecycle Management report. Based on insights from over 500 embedded professionals across industries, the report uncovers how OEMs are navigating the shift to a software-centric economy — and the operational, cultural, and compliance challenges that come with it.

As IoT adoption accelerates, OEMs' ability to securely and efficiently manage smart products across the lifecycle is emerging as a key differentiator. The report details how organizations are progressing and where gaps remain.

Key findings include:

• Security and time-to-market are ranked equally as top business priorities — but most organizations struggle to balance both.
• Only one-fifth of OEMs are implementing a compliance plan for the EU Cyber Resilience Act, despite penalties being 20 months away.
• Nearly half of product launch delays stem from software issues like bugs, deployment problems, and new security patches.
• Device lifecycle management (DLM) remains immature across the market, with over a third citing prioritization as the top roadblock to establishing an explicit DLM process.

OEMs struggle to adopt a digital mindset

Physical-product-based strategies are no longer sustainable in an era where software and AI dictate innovation and customer retention. As software becomes central to product value, managing connected devices across their lifecycle becomes increasingly complex. From improvements and vulnerability patching to compliance and support, OEMs must rethink their approach to embedded systems, product development, maintenance and long-term customer relationships.

"The shift to software-defined products requires more than acknowledgement," says Eystein Stenberg, Co-founder and CTO of Northern.tech. "It demands mature, secure, and scalable infrastructure to support real-world complexity, whether you're managing a fleet of industrial robots or millions of connected medical devices."

OEMs must adopt software-first approaches to product design, development, and management while adapting revenue models to support ongoing requirements of software-based products. At the same time, OEMs must refine their strategies to avoid software development pitfalls causing launch delays and fully capitalize on software-driven growth.

Bridging the compliance and cybersecurity gap

While awareness around cybersecurity and regulatory mandates is high, execution remains a challenge. "Security and compliance can't be afterthoughts," adds Stenberg. "They need to be baked into the full product lifecycle—from design to deployment and beyond."

The report outlines a significant maturity gap in IoT security strategies. While more than half of respondents claim to comply or plan to comply with cybersecurity regulations, nearly one-fifth admit they have no compliance plan, and another fifth are unsure of which regulations or standards apply. Regarding vulnerability remediation, under one-quarter of OEMs can deploy a security update within weeks, highlighting a disconnect between perceived readiness and actual incident response capabilities.

Supporting the IoT ecosystem with actionable insights

As IoT and connected devices grow in impact, OEMs are slowly recognizing the strategic need to adapt. The acceleration toward a software-centric economy requires OEMs to navigate new technical, operational, cultural, and strategic hurdles to remain competitive and generate value.

This report aims to help OEMs benchmark their progress, understand emerging risks, and explore the strategies leading teams are using to compete in a software-first economy.

Download the full report.

About Northern.tech

Northern.tech is the leader in device lifecycle management with a mission to secure the world's connected devices. Established in 2008, Northern.tech showcases a long history of enterprise technology management before IIoT and IoT became buzzwords. Northern.tech is the company behind CFEngine, the pioneer in server configuration management, to automate large-scale IT operations and compliance.

In 2017, Northern.tech released the first version of Mender.io, the market leader in over-the-air (OTA) software update management. Mender offers robust, secure, and customizable OTA software updates for smart devices. Powering OTA software updates for more than a million devices worldwide over nearly a decade, Mender boasts a proven track record with Fortune 1000 clients, including Panasonic, Lyft, Volkswagen, Siemens, Thales, and ZF Group. Continuing its leadership in loT device management, Northern.tech most recently released Alvaldi, a loT remote access solution. Alvaldi allows OEMs to remotely troubleshoot their loT fleet in a secure and effective way.

Learn more about device lifecycle management.

Media Contact:
Larisa Bogomolov
(650)-257-0233
394472@email4pr.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/new-northerntech-report-reveals-critical-gaps-in-iot-device-lifecycle-management-necessary-for-oems-to-ensure-cybersecurity-and-compliance-302443645.html

SOURCE Northern.tech