INSIGHT: Security in the Internet of Things age - Makers vs. Operators
- 25 August, 2015 06:14
Internet of Things (IoT) security is a hot topic among security and risk professionals. It seems as if every "thing" on the market is becoming smarter and more interactive.
As the level of IoT device maturity increases so does the level of risk of data and device compromise. The scary thing is that we really have no idea what IoT devices are in our environment let alone the correct way to secure them.
Both IoT product makers and IoT product operators need to understand the security implications of IoT devices.
Security in IoT involves product makers rethinking how they create technologies, secure code and hardware, develop new offerings, and ensure the privacy of the data they collect.
These areas of security are not typically areas that automobile, manufacturing, and retail technology makers have had to consider in the past.
The scale of IoT devices in each vertical is enough to employ a small army of developers who are yet not up to speed on the latest secure code and hardware concepts.
On the other side of the coin, enterprises have the unenviable position of implementing these poorly coded and built technologies. Overwhelming pressure will come from competing enterprises causing an increase in IoT adoption to improve business efficiencies.
IoT will become pervasive, and mandatory, throughout every vertical from gas and electric to automotive. The threat landscape in these areas will be immense.
A flashback to the mid 1990's web security days is highly probable with vulnerabilities being discovered in IoT products at an astonishing rate.
We're already seeing a significant pick up in IoT related security presentations at major industry conferences such as Black Hat USA and at last years RSA security conference. Where the researchers go, the hackers soon follow.
By Tyler Shields - Research Analyst, Forrester Research