• Log in
  • About Us
  • Privacy Policy
  • Contact us
Telecoms IT News - VanillaPlus
  • Home
  • News
  • Verticals
    • 4G
    • 5G News
    • Big data analytics
    • Bill & Charge
    • CEM
    • Companies
    • Digital transformation
    • Fraud prevention
    • Managed services
    • Network optimisation
    • NFV Hub
    • OSS
    • People
    • Policy
    • Revenue assurance
    • Revenue management
    • Service assurance
    • Service Provisioning
    • Test & measurement
  • Digital Edition
  • Events
    • Events diary
    • Webinars
  • Videos
  • VP Featured
    • Webinars
    • Podcast
    • Editorial advisory board
    • Expert opinions
    • Hot List
    • Operator View
    • Press releases
    • Reports & whitepapers
    • Special reports
    • Talking Heads
    • Troubleticket
    • Digital Talking Heads
  • Directory
  • Tech Trends
  • Subscribe
 

You are here:

  • Home
  • News
  • Is the Internet of Things broken beyond repair?

Is the Internet of Things broken beyond repair?

19 April, 2016 at 8:00 AM

Is the Internet of Things broken beyond repair?
Simon Moffatt, EMEA director, advanced customer
engineering at ForgeRock

The Internet of Things has come a long way in the five years since the first IoT Day in 2011. But, there is a darker side to its success, with thousands of high-profile hacks having been carried out on connected devices.

So, is the IoT from a security perspective, broken beyond repair? Or, is security simply being overlooked in the race to be first to market? How can we ensure connected devices are not leaving us vulnerable to cyber attack?

We have gathered insight from industry experts, who share their views on what they believe is the solution – if, indeed, there is one – to the ongoing struggle to secure the IoT.

Identity in the IoT – Simon Moffatt, EMEA director, advanced customer engineering at ForgeRock

“The Internet of Things has come a long way in the five years since the first IoT Day in 2011. There is much to celebrate, of course – the creation of connected devices has enhanced our lives at home, at work and even on city-wide scale. However, as exciting as this concept is, the sheer volume of IoT devices has created a vast attack vector, and one that is growing at an unprecedented rate. According to industry analyst firm Gartner, 25 billion connected things will be in use by 2020. That’s more than five times the number of IoT devices in use in 2015.

“Of course, a network this big is bound to attract attention from malicious parties. Sure enough, if you type the words ‘IoT’ and ‘hack’ into Google, you’ll find thousands of examples of attacks on connected devices.

“So how can we combat the threat? Identity management solutions are key to securing the IoT, because they provide a means to understand where these threats are coming from. If a connected device can be identified, it becomes that much easier to confirm that the data it is generating is genuine and can be trusted. And importantly, giving every connected object a validated identity makes it possible to automatically prevent malicious actors from accessing and controlling the devices.”

Avoid IoT security shortcuts – Thomas Fischer, principal threat researcher at Digital Guardian

gadfaghd

Thomas Fischer, principal threat researcher at Digital Guardian

“In the race to be first to market with a new IoT device, organisations are overlooking basic security principles and are putting users at risk. You don’t have to look far for examples of how this could potentially occur. Take a well-established IoT technology such as smart home meters. If criminals were able to access the network these devices communicate through, they could quickly establish usage patterns to monitor when the house is or isn’t occupied and plan a break-in accordingly.

“The time and cost pressures on competing firms to get their latest product to market first is one of the major contributors towards security flaws. These devices are often produced with simplified hardware in order to keep costs down, but this means that they lack basic principals of integrity and failover. Often the more simple and user-friendly these devices become, the less secure they are.

“Companies that attempt to add protection retrospectively will face a task of enormous magnitude, and there’s a much higher chance mistakes will be made and vulnerabilities missed. It is critical that organisations developing IoT technologies – and even those selling them – ensure these products have been developed, built and sold with security in mind.”

A problem of scale – Klaus Gheri, VP & GM network security at Barracuda Networks

Klaus-Gheri-05 (2)

Klaus Gheri, VP & GM network security at Barracuda Networks

“One of the biggest challenges for organisations is making sure that all the data gathered by IoT sensors is fed back to a central location without being eavesdropped, intercepted or modified at all. One of the barriers to securing the IoT is simply that there’s not a ‘one size fits all’ solution. Many of the current IoT security solutions available today are so unwieldy or expensive that it is simply not feasible for businesses to implement them on a large scale.

“When the size of the IoT network goes into the thousands, deploying both the device and a security solution for it becomes a logistical challenge – how do you deploy the equipment? How do you manage its lifecycle? How do you implement security policies? Once you remove these barriers, businesses are far more willing to embrace IoT and do more about security.

“Any tool designed to provide secure, scalable connectivity for the IoT has to be relatively small, inexpensive, lightweight and mountable. It also needs to be easy to ship in large numbers and easy enough to implement and manage so that organisations don’t need to hire a whole new team of security or IT specialists.”

Operating in the cyber security stone age – Richard Beck, head of cyber security at QA

“When it comes to securing the IoT, we’re operating in the equivalent of the cyber security stone age. The security and privacy implications around the growing connectivity of devices is well-documented – an ever increasing attack surface, ever more sophisticated cyber criminals and users’ acceptance that technology will permeate every aspect of their lives.

“As it stands today, from a security and privacy perspective, the IoT is broken. There is no quick fix and we’re operating with an element of risk. What’s the answer? Technology has a role to play for sure. At the very least those organisations and software development teams should consider the privacy challenges of their connected products, devices and platforms. Offering encrypted services, authenticated access should be built in.

“The battle ground for 21st century IoT will be won and lost on the grounds of privacy and security controls. Regulators should at least recommend and in time mandate minimum controls to avoid the continued exposure of our sensitive and private data as we adopted more and more connected technology services at a consumer and business level. This won’t offer 100% protection today, but it might move us on from the cyber security stone age – before the perfect ‘privacy storm’ strikes.”

Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus


category: News, People, Security

Tags: Barracuda Networks, Connectivity, Cyber security, devices, Digital Guardian, ForgeRock, Internet of Things, IoT, IoT device, Klaus Gheri, QA, Security, Simon Moffatt, Thomas Fischer

VanillaPlus Q3 Magazine
 

VanillaPlus Magazine Issue 1 2022: Why IT must catch up with OT to enable 5G monetisation

Is creativity a bridge too far for CSPs? As communications service providers (CSPs) engage in new digital value chains, collaborate with partners and participate in multi-directional business models, George Malim shares a tale of two bridges

READ NOW

Comments are closed.

  • Facebook
  • Twitter
  • YouTube
  • LinkedIn
  • Subscribe
Relax time
Read the new novel by J.J. Cowan on Africa’s conflict minerals trade and forced labour. 5* Reviews on Amazon.co.uk Paperback & Kindle

Check out on Amazon

X

Be the first to know!

  • The top telecom IT news stories of the minute
    in your inbox
  • Exclusive offers for entry into hundreds of
    events worldwide
  • Free access to a huge selection of the latest
    analyst reports and whitepapers
Subscribe now so you don't miss out
Don’t show me this again
Please check your email
x
Vanillaplus - The Global Voice of Telecoms IT
The Global Voice of Telecoms IT

VanillaPlus is the world-leading resource covering digital transformation for the communications industry. VanillaPlus brings you exclusive News, Expert Views, and Event Reviews. See Interviews from CEOs, CTOs, and COOs who are successfully transforming their business today.

Connect

Facebook Twitter YouTube LinkedIn

NEWS

  • Latest Telecoms IT news

DIGITAL EDITION

  • Latest Editions

OTHER

  • Newsletters [Archive]

KNOWLEDGE CENTRE

  • Webinars
  • Special Reports
  • Talking Heads
  • Editorial Advisory Board

COMPANY

  • About
  • Contact Us
  • Terms & Conditions
  • Privacy Policy

PARTNERS

  • IoT News

© 2014-2022 VanillaPlus - The global voice for telecoms IT. All rights reserved.