Heroes aren’t always selfless, and they aren’t always right, but they are always trying to do the right thing. The IoT industry needs to start doing things right, and that means it’s high time to get secure. It seems like we’re always fighting the same old villains, with the same old tactics. Secure the hardware. Encrypt the data. Protect the edge. Anonymize for privacy. Trust the cloud.
Well, the time is now, my super friends. Not later, when “we’ve figured out how to do it.” Not when we are forced to by regulators, because “hackers will always be ahead of us” or “open source will keep us safe.” And certainly not never, when “the machines will handle it.”
These are all excuses we’ve all heard, and even used (by me included) to justify the IoT industry’s slow pace of putting secure devices in the field, using secure connectivity, and most egregiously, keeping the Gorram data safe from bad actors. I won’t be using these lame catchphrases anymore, and I expect the same from you folks.
We need an answer – and today. And if we want this industry to succeed in overcoming the monumental trust gap that I wrote about in the last issue, we have to do it under our own volition and not through force of regulation.
Greed is bad. Laziness is worse. And the consumers who aren’t buying your smart home products, the drivers who don’t want your connected car technology, and the
caregivers who will not incorporate your devices into their loved ones’ lives will never get on board if they get even a whiff of duplicity. And every industrial or B2B company decision maker is part of one or more of those consumer groups, so don’t think you’re immune if you’re all up in the IIoT.
Here’s the thing, though: We have a chance to be the good guys – the Justice League of the IoT. Most of you (hopefully) got into this industry to improve the lives of people, either directly through consumer-facing products, or indirectly by making power grids and transportation infrastructure more efficient. To accomplish those goals, and be the
heroes you were meant to be, you have to take steps now to be the heroes you want to be. And the next steps are security and privacy.
Find the experts who can help you. I’ve interviewed a few on the IoT Time Podcast (check it out here: http://bit.ly/1RTbbBQ), so you can start there. You should also seriously consider attending the security sessions at the IoT Evolution Expo, where you’ll meet hundreds of your peers from whom you can learn and with whom you can collaborate.
(Here’s a write up about it: http://bit.ly/1Y6KqBc).
However you decide to proceed, you’d better do it fast, because there’s a fine line between corporate hero and villain. And nobody wants to go to meetings at the Legion of Doom.
Edited by Ken Briodagh