Combat soldiers are trained to step carefully when exploring new ground. They’re trained to scan their surroundings and watch their steps. The trick is to proceed with caution, fully understanding and analyzing the landscape before pressing forward. The same approach applies in the world of IT – where new environments are constantly being explored and new technologies are tested. As strong IT lays the foundation for any successful business, the ill-prepared will encounter serious hazards along the way.
For most enterprises, the Internet of Things (IoT) represents this unknown frontier. While the catchphrase has grown in popularity and many have a working knowledge of it, fewer understand repercussions associated with IoT strategies. With an estimated 25 billion “things” in use by 2020, IoT has become a defining force in business transformation. Ranging from wireless heartbeat sensors and smart thermostats to fully installed maintenance and repair monitoring, connected devices are impacting every market globally. And while significant time is spent touting the benefits of this connected world, far too few grasp the security implications.
The Internet of Things has certainly proven its worth by optimizing operations, boosting productivity and saving resources – but it also raises the stakes for cyber threats. The trend significantly encroaches on the physical world as billions of things transport data everywhere, meaning connected devices also risk being compromised. Unlike data centers protected by complex firewalls and intrusion detection software, small sensors powering information transfer typically don’t permit use of agents or incorporate the same levels of protection. As connected objects now have the power to alter the surrounding environment, users must prepare for previously unthinkable breaches such as “hacked” wireless home security video cameras or even digitally hijacked driverless vehicles.
HP unveiled a study reporting 70 percent of the most commonly used IoT devices contain serious vulnerabilities. It’s proven that companies just aren’t ready to protect their connected assets. With the trend causing enterprises to completely rethink institutional security procedures, the EY Global Information Security Survey notes almost 60 percent of respondents view it “unlikely or highly unlikely” their organizations can detect sophisticated attacks.
Staying ahead of the unknown, organizations are required to employ new security mindsets – from top to bottom. Every corporate decision must be backed by a thoughtful approach to security – ranging from product development to IoT vendor/partner alignment. Leadership should understand each environment is different, and there is no “one-size-fits-all” for security. This means identifying potential IoT threats up-front and aligning security to match each device’s value to the organization. The result ensures only the most valuable items are protected at the highest levels.
The IoT security process must be fully supported by a comprehensive monitoring and management infrastructure. This means identifying potential threats in real-time and seamlessly taking action to remediate breaches. A solution with real-time analytics also has the power to build a proactive/predictive cycle, preparing for issues before they impact the IoT environment.
Still, no IoT security strategy is complete unless endorsed by the top executives of any organization. Education is essential, with each team member acknowledging the security approach and committing to carrying the policy forward. Linking business strategies to comprehensive security builds policies that drive innovation, open new market channels, and better manage risk.
IoT offers a promising landscape of new possibilities, but organizations need to step carefully as they embark on this journey. With an unprecedented array of new physical devices able to transmit information and change environments around them, security must be ingrained into the very fabric of the Internet of Things. We have some challenging ground to cover, still. Without proper planning, companies just might hit a critical landmine.