Businesses are looking to claim their stake in the Internet of Things (IoT). But with all this excitement and eagerness to profit from IoT, are businesses forgetting about the security risks? Are they taking the time to consider adopting strategies to mitigate them?
IoT is already here providing consumers with new experiences. For example, consumers can wear a device around their wrist transmitting their progress in a fitness program to all their friends and family. There are also devices that allow consumers to set their home thermostat from their smartphones.
In the automotive industry, cars can connect to a consumer’s smartphone or offer roadside assistance. Extending the technology to the cloud gives automakers even more data. The direction this industry can take is wide open.
In manufacturing, 35% of manufacturers already use sensors. They use them to track assets on a shop floor or to monitor equipment. The collection of this data has helped manufacturers to minimize costs and improve getting goods to market. These are just some of the benefits reaped by implementing IoT.
Overall, the number of connected devices is forecasted to explode by 2020 hitting 50 billion units.
But with any new opportunity comes risk. In all the excitement of increased connectivity and enhanced services, it’s important for businesses to remember to think about making it secure. With all the efforts being invested to incorporate IoT into a business strategy, security threats can diminish these initiatives.
Many devices today do not have security and privacy measures in place. Hackers have already started to exploit this. They hijacked internet-connected CCTV cameras to form a botnet launching Distributed Denial-of-service (DDoS) attacks targeting businesses around the world. Researchers at a security firm uncovered the attack when signed up by a jewelry shop to protect the site from a DDoS.
At an unnamed steel mill in Germany, hackers used a spear phishing attack to infiltrate the network. Once in, parts of the plant began to fail and a blast furnace could not be shut down in the usual manner. This caused extensive damages.
These are just a couple of examples demonstrating the vulnerabilities of IoT devices. Many of these devices lack security as part of its design and extend the attack surface. They do not support the current authentication protocols and have limited processing power to support encryption methods.
Businesses need to include security as part of the design of their IoT devices to circumvent attacks. In a report by Gartner, they are forecasting worldwide spending on IoT security to hit $348 million in 2016 with it increasing to $547 million by 2018. The spending is considered to be moderate and will only continue to increase at a faster rate by 2020.
Although the spending on IoT security is moderate, the report says that “IoT will account for less than 10 percent of IT security budgets.” If businesses are only willing to invest less than 10 percent on IoT security, how secure will their network truly be? Security vendors will be challenged to try and meet these limited budgets which may only result in other issues.
In the new connected world created by IoT, companies are working diligently to incorporate strategies to take advantage of the wealth of opportunity. A business can look at new cost efficiencies and additional ways to generate new forms of revenue. But with all this excitement and opportunity, security needs to be thought of and addressed as part of the business strategy. Failing to do so will leave a business vulnerable and open to malware and other attacks.