CIOReview
CIOREVIEW >> Data Integration >>

Cybersecurity in the Era of the Internet of Things

Steve Durbin, MD, Information Security Forum
Steve Durbin, MD, Information Security Forum

Steve Durbin, MD, Information Security Forum

Cybersecurity-attacks continue to become more innovative and sophisticated with each passing day. Unfortunately, while businesses are developing new security mechanisms, cybercriminals are developing new techniques to evade them. At the same time, along with the growth in the sophistication of cyber-attacks, so has our dependence on the Internet and technology.

The Internet of Things (IoT) holds the potential to empower and advance nearly each and every individual and business. In today’s fully-connected, global society, we’re always on and always getting information from a variety of different sources. This is the heart of the IoT. Everything is connected and speaking to each other.

In the years to come, IoT devices will help businesses track remote assets and integrate them into new and existing processes. They will also provide real-time information on asset status, location and functionality that will improve asset utilization and productivity and aid decision making. But, the security threats of the IoT are broad and potentially very devastating. The organizations must ensure that technology for both, consumers and companies, adhere to high standards of both safety and security.

Dealing with the IoT at Home and Work

With the growth of the IoT, we’re seeing the creation of tremendous opportunities for enterprises to develop new services and products that will offer increased convenience and satisfaction to their consumers. The rise of objects that connect themselves to the Internet is releasing an outpouring of new opportunities for data gathering, predictive analytics and IT automation.

Smartphones will be the motherboard for the IoT, creating a prime target for malicious actors. Unauthorized users will target and siphon sensitive information from these devices via insecure mobile applications. The level of hyperconnectivity means that access to one application on the smartphone can mean access to all of a user’s connected devices.

The rapid uptake of Bring Your Own Device (BYOD), and the introduction of wearable devices in the workplace, is increasing an already high demand for mobile applications for both work and home. To meet this increased demand, developers working under intense pressure, and on paper-thin profit margins, are sacrificing security and thorough testing in favor of speed of delivery and the lowest cost. This will result in poor quality products that can be more easily hijacked by criminals or hacktivists.

The information that individuals store on mobile devices already makes them attractive targets for hackers, specifically “for fun” hackers, and criminals. At the same time the amount of applications people download to their personal

grow. But do the applications access more information than necessary and perform as expected? Worst case scenario, applications can be infected with malware that steals the user’s information – tens of thousands of smartphones are thought to be infected with one particular type of malware alone. This will only worsen as hackers and malware providers switch their attention to the hyper-connected landscape of mobile devices.

Privacy and Regulation

Just as privacy has developed into a highly regulated discipline, the same will happen for data breaches sourced in the IoT environment. Fines for data breaches will increase. As more regulators wake up to the potential for insecure storage and processing of information, they will demand more transparency from organizations and impose even bigger fines.

Organizations that get on the front foot now and prepare for stricter data breach laws with bigger fines for non-compliance will find themselves ahead of the curve and in customers’ good graces. They’ll also make better business decisions along the way.

Great Potential Equals Great Risk

The IoT has great potential for consumers as well as for businesses. While the IoT is still in its infancy, we have a chance to build in new approaches to security if we start preparing now. Security teams should take the initiative to research security best practices to secure these emerging devices, and be prepared to update their security policies as even more interconnected devices make their way onto enterprise networks.

Enterprises with the appropriate expertise, leadership, policy and strategy in place will be agile enough to respond to the inevitable security lapses. Those who do not closely monitor the growth of the IoT may find themselves on the outside looking in.

tag

IoT

Read Also

Sharing the Skies, The Drone Evolution

Sharing the Skies, The Drone Evolution

Kat Swain, Senior Director of UAS programs, AOPA
Drones and Data: Designing a Framework to Maximize Innovation

Drones and Data: Designing a Framework to Maximize Innovation

Jason Diamond, North American Community of Practice Lead for UAVs, Arcadis
The Sky Truly is the Limit

The Sky Truly is the Limit

Sam Perry, MBA, ACHE, Director of Operations, McKenzie County Healthcare Systems, Inc.
Compressed Gases to Revolutionize Drone Technology

Compressed Gases to Revolutionize Drone Technology

Dave Cadogan, Director Innovation, Air Liquide
Planning for Devops - Considerations Before Taking the Leap

Planning for Devops - Considerations Before Taking the Leap

Scott Benham, Vice President, Software Engineering, American Public Education, Inc.
The Importance Of an ITSM Platform To Effectively Manage It Operations

The Importance Of an ITSM Platform To Effectively Manage It Operations

Azunna Anyanwu, Director of Information Technology, Aronson LLC