November 18, 2016 | Written by: Karen Lewis
Share this post:
Concerns about IoT security are prevalent, some are unfounded, while others are completely justified. Just do a quick search and you’ll find articles posted hours, days, even minutes ago. This topic weighs heavily on the minds of consumers and enterprises alike. Can someone tap into my home security system? Are my car brakes going to be disabled by a hacker? Will my child’s privacy be compromised by a toy? These types of fears are impacting the adoption of Internet of Things technologies because consumers are leery and enterprises are hesitant.
Navigating a safe path to opportunity
Recent DDoS attacks have been caused, in part, by IoT devices, highlighting the need for vigilance with IoT security from devices through to IoT platforms. The attacks underline the importance of being able to view, manage and update IoT devices and firmware after the point of manufacture. Do you really want to offer innovative new products and services to customers until you are positive about the security of IoT endpoints?
When an organization’s confidence is shaken, it can take months, even years, to re-build a relationship and reputation. If you end up as a front page news story because your security has been compromised, the process of regaining trust can be costly in every sense of the word. Trust is an underlying tenant between any consumer and the organization with which the consumer interacts.
Yes, the Internet of Things provides an amazing opportunity for individuals and enterprises. The ability to access and create new data is redefining the boundaries of consumer personalization – from product creation through to service delivery – the IoT is creating an abundance of opportunity to interact, learn, and subsequently transform the customer experience. However, as the number of new sensors and devices increases, the level of integration and access points along the way to exchange data with traditional enterprise systems increases – potentially creating new or unidentified vulnerabilities for cyber criminals to exploit.
Taking a proactive approach to keeping IoT secure
Many organizations are divided with some companies allowing concerns about IoT security to inhibit their progress, while other organizations are moving forward with IoT solutions, aware of concerns, yet taking proactive measures to protect their infrastructure. The first step to understanding the value in the protection IoT security provides is to understand the ramifications a weak security can cause – diminishing brand reputation, compromising customer data integrity, exposing vulnerability, creating adverse operational impact, and preventing compliance with any or all areas of corporate, industry, and government regulations.
While CISOs are adept in dealing with IT security and employing the sophisticated tools to secure the perimeters of the enterprise, as well as the inroads to mission-critical enterprise systems, the nature of IoT devices and the scale of the IoT landscape presents even the most prepared IT organization with a multitude of unique threats, exposures and operational challenges. Before letting loose the IoT genie, a CISO will want to fully understand the risks and concerns associated with IoT solutions in advance of signing off on a deployment strategy. For this reason, it is imperative that development teams and business sponsors driving the development and adoption of IoT apps take pre-emptive measures to secure access to all IoT devices and related data.
How do IoT and IT Security differ?
IoT security must be more robust than IT security because IoT devices are connected to the physical world. The two areas differ based on the following factors:
- Environment: devices may be exposed to natural elements and may be deployed in ‘hostile environments’ leaving them vulnerable for tampering;
- Variety: there are significantly more types of IoT devices and different types of networks than enterprise IT devices;
- Volume: billions of IoT devices compared to millions of IT devices connected to enterprise systems;
- Consequence: if an IT device is hacked, you may end up as a news story… but if an IoT device like a piece of medical equipment stops functioning because the security has been compromised, this could be a dire situation for the patient and drastically change the risk profile for the company;
- Organization: IoT bridges information systems (CIO) and operational systems (COO) who may have different points of view as to whether security is a protector or a barrier for progress.
Confidently embark on your cognitive IoT journey
IBM’s IoT Security solutions can help manage the integrity of your IoT solutions. IBM Watson IoT Platform is designed to protect your organization through enhanced security features. Additionally, our advanced IoT security pack visualizes critical risks, creates policy-driven mitigation actions and automates operational responses for IoT devices. IBM also offers assessment and modeling service options to facilitate holistic planning to safely accelerate IoT adoption.
Download the latest IBM positioning paper regarding IoT Security. Learn about security and privacy implications unique to a cognitive IoT system, the challenges and opportunities discovered in the latest cognitive IoT research, and best practices in securing your cognitive IoT solutions, including technologies such as Blockchain.
Continue learning more about IBM Cognitive IoT and staying secure.
Help us test the boundaries. Sign up for the security beta to experience the latest IoT Security capabilities available for Watson IoT Platform.