Security and the Internet of Things - Take Two

By Carl Ford February 02, 2018

The first step is admission, so let me say it now: I was wrong!

I have been looking at the obstacles for adoption of IoT, and one of them has been security. If you are part of this industry you have heard the joke. “IoT; the S is for security”.  Candidly this joke upsets me – tremendously.

In the article about industrial controls I talked briefly about the computer worm Stuxnet. Kim Setter from Wired magazine covers it well with “Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon” .  While the system originally targeted Siemens Industrial Controls via Microsoft Windows computers specifically in Iran’s nuclear program, the ability to penetrate industrial controls was not known for at least five years. 

As Richard Soley of the Industrial Internet Consortiums conveys, there are two kinds of companies “those that know they have been hacked, and those that do not.” This is the real problem for IoT. It’s not a place where people work and live. Things only tell you they are in trouble if you design for it.  For more than 40 years we have not designed for systems to tell us everything including security.

Now with all this said, where is my error? The answer is in my projection where the solution can be found.

I believe the answer to managing a legacy problem can be solved by networking, and my thought process was that this would be done by IT. 

Candidly, I showed my age. Twenty years ago when I left the large organizations, IT was a strategic asset and had a lot of command and control.  One more aspect (victim?) of digital transformation is IT. In today’s market place, IT is an expense line, not an asset.

In the past month I have talked to third-party maintenance firms, staff augmentation companies (including Crossfire Consulting, my parent company), and of course cloud providers. Now in theory the chief information security officer can be the hope for a network security solution.

Ken Briodagh advocates that the problem needs to be solved in the hardware. Recently I spoke with Dipti Vanchani, vice president and general manager of the Internet of Things Group at Intel Corp. Intel and others have enabled identity in the silica with their Enhanced Privacy ID, eliminating a lot of opportunity for human error and deliberate malice. In effect security is becoming integrated in the operations.

The reason I wanted to solve this at the network layer is because operationally IoT is in lots of different areas within a corporation: buildings, manufacturing, retail, and supply chain.  

Edited by Ken Briodagh

Partner, Crossfire Media

Related Articles

IoT Zombie Apocalypse and Post-Quantum Crypto: A Q&A with Infineon's Steve Hanna

By: Paula Bernier    2/23/2018

Steve Hanna has seen it all. But one thing Infineon's senior principal has not seen - and doesn't want to see - is the IoT zombie apocalypse.

Read More

Sustainable Smart Cities and How Natalia Olson-Urtecho Leads with Passion

By: Cynthia S. Artin    2/23/2018

Natalia Olson-­Urtecho is a city planner by education, a technologist by life­long learning, and a visionary strategist in the brave new world of conn…

Read More

IoT Accelerators on the Rise

By: Ken Briodagh    2/22/2018

Everyone in the IoT is looking for the best way to grow the industry, while also finding partners that will help their own companies grow. At the mome…

Read More

IoT for The Aging: You're Never Too Old To Innovate

By: Special Guest    2/22/2018

In the digital era of smarter cities and smarter homes, one of the biggest potential markets for IoT solutions is enabling aging people to remain inde…

Read More

Haltian Delivers Devices and Data to Lindstrom Textile Company

By: Ken Briodagh    2/22/2018

Finnish Internet of Things (IoT) device manufacturer Haltian reportedly is supplying Lindström with more than 100,000 IoT devices and a managed IoT da…

Read More