For anyone who doubted the growth rates of the Internet of Things (IoT), a new report from AT&T will shut those doubts down, and fast. The AT&T report projects that the IoT will reach 50 billion devices strong just by 2020, and a lot of cash will come along with that. However, the AT&T report also notes the need for augmented security for networks as a result, and even offers some perspective on how to go about doing so.
The AT&T report noted that the economic value represented by the IoT could be as much as 11 percent of the entire world's economy, about $11.1 trillion, by just 2025. With all that money involved, however, comes big opportunity for cybercriminals to get in on the action. In 2014, the average estimated annual loss per single incident was $2.7 million. That's up just over a third—34 percent—from the same time in 2013, and there's no sign of it relenting. Just to top it off, over the last two years, AT&T experts have found a 458 percent increase in the number of times IoT devices were scanned for vulnerabilities. That means a clear need for security, and one AT&T is looking to address.
A new report from AT&T titled “The CEO's Guide to Securing the Internet of Things” offers some insight, starting with how 85 percent of businesses are looking into or actively implementing IoT systems, but only 14 percent have a formal process designed to understand how many devices are on hand and how—or even if—these devices are secure. Just 17 percent of firms involved the board in considering IoT security, and that can be a major failing as board involvement can be a big help in driving better security throughout a firm.
Starting toward secure systems can be as simple as a four-step process. Start by assessing the overall risk faced by a company, and then move to secure both devices and information, devices with perimeter security like antivirals and firewalls, and information with encryption. Then focus organizational efforts around IoT maintenance and operations, and examine the legal issues that may be involved, including regulatory matters if such apply.
AT&T's program is particularly worthwhile as it considers all sides of the security equation. While in the past many have focused on perimeter defense and keeping out all intruders, most have been much less equipped to fend off those who actually did manage to breach the system in some way. A look at securing both devices and information makes for the most robust overall security profile, and that's good news for the businesses involved.
IoT security will be particularly important in the months ahead, as more devices come online and pose more potential breach points for overall security. Taking AT&T's advice now may save a lot of time, hassle, and money down the line.
