Business fears: The need for better security in the Internet of Things
Cybersecurity in business is often overlooked, underfunded or simply not given enough thought. Though recent research by Avast Business found that 96% of SMBs are concerned about malware and ransomware, the ‘it won’t happen to us’ attitude is still just as prevalent as the underlying fear of being hacked.
Why aren’t businesses doing more to protect themselves against the very attacks that they’re afraid of, and what could IoT developers be doing to help minimise risks?, says Greg Mosher, VP of Engineering at Avast Software.
90% of those responding to the survey stated that they had concerns about password hacks, and with 90% of online passwords currently thought to be vulnerable to hacking they are right to be concerned. Internet of Things devices are often left to rely on default passwords, or not password protected at all. This is a major security risk when you consider that IoT technology, like CCTV cameras and heating systems, share their connection with business computers storing huge amounts of sensitive data.
Businesses concerned about hacks should ensure that staff are fully aware of the risks of using easily-cracked passwords, instigating regular password updates using cryptic formulas across all devices.
Are you concerned about password hacks?
US retailer Target became the victim of a substantial attack in 2013 when hackers gained access to customer credit card data via internet connected heating and air-conditioning systems. The potential for security breaches like this may be what led another piece of recent research to list IoT devices as one of the top 10 points of entry that hackers can use to access data.
Corporate data theft
Unauthorised access to corporate data and computer systems cost serious money. 89% of Avast Business’ respondents were concerned about corporate data theft, in no small part due to the estimated £9.2 billion (€10.40 billion) lost to cyber-theft of intellectual property and £7.6 billion (€8.59 billion) lost to cyber-espionage each year in the UK alone. 87% of those surveyed also cited concerns about Wi-Fi security breaches.
Are you concerned about corporate data security and data theft?
In 2015, 74% of small UK businesses and 90% of large UK businesses reported having a security breach of some kind. While there are a range of factors needed to prevent breaches like these and protect data from theft, properly securing Internet of Things devices and patching vulnerabilities should not be overlooked. For those working in IoT development, energy needs to be focused on in-built security measures and the room for additional security protection to be added by users.
At the 2016 RSA Conference, the message was loud and clear: IoT will crash and burn if security doesn’t come first. Though these kinds of devices are generally used on secure private networks, if product development doesn’t spend enough time considering security pitfalls, the devices created won’t be as indispensable as we might like to believe. Weaknesses will be exploited, and when that happens hackers won’t just have access to a single device – they will have control of every device in the network.
For any business hooking up IoT devices to the same networks as their sensitive data, security best practices need to be implemented from day one – and where this opportunity has been missed, adding extra security layers is best done sooner rather than later. Details like these are often overlooked by staff on busy schedules, but the smallest gap in defences can lead to much bigger problems.
AI and the Internet of Things
Interestingly, the Avast Business report also showed that 46% of SMBs had concerns about problems with Artificial Intelligence. But while businesses remain wary of investing in AI, research is showing that cybersecurity can seriously benefit from machine learning. In particular, the Internet of Things has an opportunity to embark on what is being hailed as a digital transformation. By joining super-intelligent machine learning with interconnected devices, anti-malware layers can be strengthened, systems can learn to self-heal and people’s fears about both AI and IoT can be dispelled.
Are you concerned about problems with artificial intelligence (AI)
While there is still plenty to be done in research and development for this new breed of technology, if the Internet of Things can prove that it is taking cybersecurity seriously, businesses of all sizes will be able to divert their fears elsewhere.
The author of this blog is Greg Mosher, VP of Engineering at Avast Software
About the author:
As Avast’s VP of Engineering, Greg Mosher leads product management and R&D for all Avast Business products. Greg brings nearly 20 years of experience in the anti-malware industry, starting in the early 90s when he created his first antivirus engine as both developer and researcher.