Given the rapid adoption of the Internet of Things (IoT) security is of paramount importance. Almost 10 million peoplein the UK now own a smart home device (such as Alexa and Google Home) – an increase of 98.6 per cent in just a year. As we connect more things across our homes and workplaces, the potential for hacking and data breaches increases. Cyber attackers will have more areas to exploit – and that spells trouble for business leaders, consumers and IoT adoption as a whole.
So, it begs the question, will we ever get IoT security right?
Learning from the past
To begin with, securing the IoT requires a different approach to the bolt-on cybersecurity practices of the past. Whereas before, a manufacturer could create a computer and then security software could be purchased and loaded-on afterwards, now, because of the size and computing power of individual IoT devices, privacy needs to be part-and-parcel of the manufacturing process. Malware can be layered onto a desktop computer – but it will rapidly slow an IoT device down.
Consistency and trust
Plus, IoT devices will communicate regularly with one another which requires consistency and trust between different manufacturers, vendors and end-users. At the moment, everyone has differing ideas over what should be included in best practice, but there has to be agreement before the IoT moves forward. The IoT cannot provide true value without devices communicating and networking together.
That’s not going to happen unless every stakeholder is 100 per cent reassured that their device is safe when speaking to other devices, that the device has the rights to even be controlling another device. Furthermore, that people who are interacting and using a device have the right clearance to do so.
One challenge to overcome is the perception around security. At the moment, many stakeholders don’t appreciate its value until a breach occurs. Security, up until that point, is hard to quantify, it’s much easier to understand the value of IP in our devices, to know how much R&D you’re investing in it. Indeed, taking this approach can further your security agenda – by giving finance leaders an easier way to quantify the value of IoT security.
Of course, with the IoT, the future is also unpredictable. We cannot predict what devices will be built in a few years, what will be successful and used by every organisation. The sector is fragmented, giving it huge potential – but also some security headaches. Components will have to be flexible. Certification will offer a huge leap forward as it’ll tell stakeholders that a certain device and its components can be trusted.
Finally, the talent required to secure the IoT is growing in demand and hard to resource. For now, organisations are focusing on finding people with wireless networking experience and who understand privacy-by-design – specifically, around end-point vulnerabilities. Sector-specific skills will also set candidates apart. You’ll need very different skills when working in healthcare versus manufacturing, for example.
The IoT will be mainstream in just a few years, so time is fast running out for us to secure it. It’s in everyone’s interests to figure this out now – OEMs, vendors, end-users, and consumers alike. The IoT will be a lucrative sector – and cybersecurity offers a longstanding and fulfilling career in it for candidates with the right skills.
All content produced and published by Paratus People. All rights reserved. ©