New Northern.tech report reveals critical gaps in IoT device lifecycle management
Northern.tech, a contributor in device lifecycle management, has released its inaugural State of Industrial IoT Device Lifecycle Management report. Based on insights from over 500 embedded professionals across industries, the report uncovers how OEMs are navigating the shift to a software-centric economy — and the operational, cultural and compliance challenges that come with it.
As Internet of Things (IoT) adoption accelerates, OEMs’ ability to securely and efficiently manage smart products across the lifecycle is emerging as a key differentiator. The report details how organisations are progressing and where gaps remain.
Key findings include:
- Security and time-to-market are ranked equally as top business priorities — but most organisations struggle to balance both.
- Only one-fifth of OEMs are implementing a compliance plan for the EU Cyber Resilience Act, despite penalties being 20 months away.
- Nearly half of product launch delays stem from software issues like bugs, deployment problems, and new security patches.
- Device lifecycle management (DLM) remains immature across the market, with over a third citing prioritisation as the top roadblock to establishing an explicit DLM process.
OEMs struggle to adopt a digital mindset
Physical-product-based strategies are no longer sustainable in an era where software and artificial intelligence (AI) dictate innovation and customer retention. As software becomes central to product value, managing connected devices across their lifecycle becomes increasingly complex. From improvements and vulnerability patching to compliance and support, OEMs must rethink their approach to embedded systems, product development, maintenance and long-term customer relationships.
“The shift to software-defined products requires more than acknowledgement,” says Eystein Stenberg, the co-founder and CTO of Northern.tech. “It demands mature, secure and scalable infrastructure to support real-world complexity, whether you’re managing a fleet of industrial robots or millions of connected medical devices.”
OEMs must adopt software-first approaches to product design, development and management while adapting revenue models to support ongoing requirements of software-based products. At the same time, OEMs must refine their strategies to avoid software development pitfalls causing launch delays and fully capitalise on software-driven growth.
Bridging the compliance and cybersecurity gap
While awareness around cybersecurity and regulatory mandates is high, execution remains a challenge. “Security and compliance can’t be afterthoughts,” adds Stenberg. “They need to be baked into the full product lifecycle—from design to deployment and beyond.”
The report outlines a significant maturity gap in IoT security strategies. While more than half of respondents claim to comply or plan to comply with cybersecurity regulations, nearly one-fifth admit they have no compliance plan, and another fifth are unsure of which regulations or standards apply. Regarding vulnerability remediation, under one-quarter of OEMs can deploy a security update within weeks, highlighting a disconnect between perceived readiness and actual incident response capabilities.
Supporting the IoT ecosystem with actionable insights
As IoT and connected devices grow in impact, OEMs are slowly recognising the need to adapt. The acceleration toward a software-centric economy requires OEMs to navigate new technical, operational, cultural and hurdles to remain competitive and generate value.
This report aims to help OEMs benchmark their progress, understand emerging risks, and explore the strategies leading teams are using to compete in a software-first economy.
Download the full report.
Comment on this article below or via X: @IoTGN and visit our website IoT Global Network