BY Richard Summerfield
Much has been made of the Internet of Things (IoT) over the last few years. Heralded as the dawning of a new technological era, or perhaps the next industrial revolution, the IoT will see smart devices of all shapes and sizes combine to create a network of connected devices communicating and sharing vast quantities of highly valuable data.
Although the technology is still in something of a nascent state, it is slowly beginning to live up to its reputation. Smart or connected devices are becoming more common, and generating considerable amounts of data. The IoT will, and is, changing the way firms do business, making new capabilities possible and introducing efficiencies to companies to help them remain competitive in an increasingly crowded marketplace.
For many companies, these predicted data flows are seemingly too good an opportunity to pass up, and firms are rushing headlong into the burgeoning IoT space. According to a report from AT&T, 'Exploring IoT Security', which surveyed 500 companies around the world with more than 1000 employees, 85 percent of organisations are exploring the prospect of implementing connected devices across their enterprises.
However, the scramble to gain a part of the IoT market is not without risks; indeed, for companies hoping to incorporate the IoT into their wider operations, the proliferation of connected devices will expose their businesses to considerable cyber security risks. AT&T’s data suggests that just 10 percent of the firms surveyed are confident in the security of connected devices. With more and more companies marrying their products with connected technology, the importance of effective and efficient cyber security is obvious. According to AT&T, by 2020 there will be around 50 billion smart devices ‘in the wild’. With smart technology finding its way into everything from home heating systems to cars, organisations cannot afford to neglect their cyber security obligations.
Given that the cost of a cyber attack can run into the millions, organisations must be prepared - yet data suggests that many companies are still scrambling to get their houses in order. Alarmingly, the report notes that only 47 percent of respondents say their organisations analyse connected device security logs and alerts more than once a day. Furthermore, only 14 percent of companies have instituted a formal auditing process to help understand whether their devices are secure and how many devices they have; only 17 percent of companies involve their boards in decision-making around IoT security.Obviously, improvement is needed.
Efforts are underway to improve cyber security provisions. The report recommends that companies: (i) assess their risk; (ii) secure both information and devices; (iii) align their organisation and governance for IoT; and (iv) define their legal and regulatory issues.
Clearly, these measures would be a good starting point for any firm; however, more must be done - and quickly, if the IoT is to fulfil its potential as a true technological game changer.
Report: Exploring IoT Security