Internet of Things is here: But what about Security of Everything?

Vaidyanathan Iyer
06 Jun 2016

Internet of Things is here: But what about Security of Everything?

Data in all its forms has exploded across the world. And now with Internet of Things (IoT), even the mundane is now connected to the inter-webs. Our fridge, the entrance to our home, the washing machine, the door to our car and the garage, shoes and even the beat of our hearts, everything is connected.

There is no doubt that having an interconnected world, where we can control all aspects will make life ever more so simple and easier to manage. Imagine scenarios where we can, with the touch of an icon on our phone, have hot water for tea ready even before reaching home, or the AC turned on 15 minutes prior to reaching the office? The scenarios and use cases are only limited by our imagination.

Though the promise of IoT is still in its infancy, it envisages a world of connected devices and gadgets that are constantly monitored, and communicating with its environment. However, with great connectivity, come even greater threats of safety and security. Imagine opening our homes and the minutiae of our lives to anybody with a laptop.

Sophisticated attacks and hacks have grown to such an extent that now, even the fridge or the internet-abled car door is not immune. And as we move into an ever more connected Universe, the threat meter will continue to rise. Gartner says by 2020, there will be a quarter billion connected vehicles on the road and ABI Research pegs the number of active wireless connected devices across the globe to exceed 40 billion in the next four years.

An example of the security threat can be gained from the experiment conducted in July 2015, wherein a team of researchers were able to take total control of a Jeep SUV using the vehicle’s CAN bus. By exploiting a firmware update vulnerability, they hijacked the vehicle over the Sprint cellular network and discovered they could make it speed up, slow down and even veer off the road.

The Jeep hack is a proof of concept for emerging Internet of Things (IoT) threats. While companies are very good at providing network security apparatus for the core business functions, they often ignore the security of peripheral devices or networks, the consequences of which can be disastrous.

This is not the case only with the automotive sector, the security loophole is prominent in all the sectors be it power and water, healthcare, fitness, FMCG, banking etc. In fact, the latest IBM X-Force 2016 Cyber Security Intelligence Index notes that healthcare was the main target of attackers in 2015.

The rising demand for IoT is also a wake-up call for companies to focus their attention on security and to assure customers that their data is protected with an end-to-end approach, a ‘security of everything’ model for the safety of all the data being streamed constantly to the cloud and internet. The security apparatus at a company needs to be as pervasive as the Internet of Everything itself and will need to adopt – and perhaps necessarily become – the approach of a security company in the way it protects its business, data and its people.

Given the proliferation of attacks, globally there is a recognition for companies to come together to counter the threats. The Internet of Things Security Foundation, a non-profit body, has been founded and will set the standards that will need to be followed by all IoT devices, and will offer security assistance to tech providers, system adopters and end users.

Besides the above, internally, companies also need to ensure that the gateways used to connect to the internet are secure and the data repositories where all the IoT information is stored on the cloud are also made hacker proof. Security updates for each and every IoT device should also be seamlessly enabled so that new learning can be put into play as soon as possible.

As the pace of IoT adoption picks up, the security aspect will be one of the major factors that will influence its acceptance and wide spread implementation in our day to day lives. Added to that, it isn’t just about being prepared, but more now, about carefully planning to ensure you safeguard your ‘necessity’, your security!

The author is Business Unit Executive, IBM Security.


Comments Comments(0)

Topclass Reporters