IoT sense and (in)security

When trust is marked as one of the main trends for business in the future, security in and around the Internet of Things (IoT) products and services will be key in creating the mass-market uptake this area so badly needs.

The industry was certainly delivered a blow after it was revealed that an army of hacked devices that included CCTV cameras, DVRs, etc were used recently in one of the largest, unprecedented Distributed Denial of Service (DDoS) attacks.

Knowing that our digital footprints are already mined, aggregated, and analysed to predict our presence, intent, sentiment, and behaviour, our user generated data is valuable not only to the insurance, healthcare and marketing companies but also to the governments, law enforcement agencies, and all the parties involved in the security game, be that national or international.

Connecting our data to company websites and apps but also to connected devices everywhere around us will need greater concentration and application to deliver secure IoT networks. Elon Musk, CTO and CEO of SpaceX and product architect at Tesla Motors said recently that an AI attack on the Internet is only a matter of time now.

According the Global Economic Crime Survey 2016, Cybercrime climbs to the 2nd most reported economic crime affecting 32 per cent of organisations. The report also mentions that most companies are still not adequately prepared for – or even understand the risks faced: only 37 per cent of organisations have a cyber incident response plan.

So, it’s essential for companies to see through the hype in technological trends and have an action-plan to prepare for change, including security, it’s not different for IoT. We tend to forget that IoT is the most complex engineering system for security because it includes all the layers of the OSI model from hardware, to communication, to cloud, to apps and HUMANS!

Hardware is the most problematic part. Usually cheap products ruled by the market prices do not include any security or encryption at all, so what you pay for is what you get.

Encryption is the key, from the code on the hardware (firmware) to the communications and to the databases. Humans are still the weakest factor in the security chain; it’s easier to hack your password than to hack a server.

It’s essential when working with companies connecting products to the Internet, to be able to manage the connectivity, store data, analyse it and have access to visualising tools, always with security at the top of the list. Always work using encryption on communications and force firmware developers to store encrypted code. Also provide remote firmware upgrades over the air, in order to change the firmware if needed if there is any bug on the hardware or any security issue.

More effort needs to be made to secure IoT–related data to ensure the privacy of consumers and the functionality of businesses and corporations.

It’s clear that the cyber security sector is growing especially when it comes to securing the entire communication chain within the IoT processes. Security is set to become an even more vital part in the entire digital value chain. Huge opportunities and growth lies ahead for this sector.

If you enjoyed this, you might wish to take a look at the following:

New industry collaboration to develop interoperable IoT
Bosch Software Innovations, Eurotech and Red Hat will be the initial participants in the collaboration

smartcitiesworld.net/news/news/new-industry-collaboration-to-develop-interoperable-iot-1040

From thoughts to deeds
IFS IoT Business Connector to accelerate IoT initiatives

smartcitiesworld.net/news/news/from-thoughts-to-deeds-1049