THE INTERNET OF THINGS AND CYBER SECURITY: WHAT NEXT?


What is the Internet of Things?


Don’t let the obscure sounding buzzword fool you – the Internet of Things (IoT) quite literally is every device that can connect together and use shared systems. From this, the devices can gather details, analyse this information and set actions or behaviours for a specific task. This might be as simple as switching off a light, to restocking your beer fridge with the touch of a button.

Incredibly, we’ve only just started to scratch the surface with IoT - over 99% of devices that are IoT-compatible are yet to be mass-marketed or deployed en-mass, with developments happening every day.


Why use the IoT?


With the increasing reliance of data in business, it is no surprise that companies are turning to devices that can collect data to help monitor behaviours and drive future purchases. As well as reducing operational costs, they can build a stronger relationship with their customers and foster brand loyalty.  In terms of consumer benefits, IoT interconnectivity creates a chance for tailored interactions and responses with all devices in a network, to create a unique reaction. Brian Solis, from Altimeter, calls this behaviour ‘Digital Darwinism’; as businesses that tailor their services to become more unique for customers, the companies that offer highly bespoke goods or experiences will become more attractive for consumers.

 

Below, you can see the staggering list of some of the items that can be interconnected, as of 2019:

 
How is the Internet of Things influencing Cyber Security?
 
With experts predicting that over 50% of new businesses will be changing their operations to focus on the Internet of Things by 2020 and the promise of a ‘fourth industrial revolution’ on the horizon, it seems that every business is realising the need to embrace the ‘Internet of Things’. A report by Trustwave showed that almost one-third of all interviewees stated IoT strategy was ‘very important’ to business success. It’s clear that IoT has great potential for helping to connect people and places, but it certainly isn’t without risks either.  
With virtually everyone in the modern world tied to their phones and filling you in with the intimacy of their day to day lives - just think how many dog photos you see on Facebook and Instagram every day-, developers are now realising the importance of ensuring their applications are developed with robust cyber security measures in mind. By utilising Wi-Fi and internet connectivity, all IoT devices are potentially vulnerable to being hacked. This lack of security means that data can be compromised, and devices can be taken over, which could be fatal for certain devices, such as drones, large industrial equipment, or personal technology.
 
Some companies have already made headlines for the wrong reasons
 
  • Children’s toy and technology manufacturer Vtech suffered a massive breach in 2015, resulting in various personal photos and details, including customer names and email addresses being acquired by malicious individuals. They were fined £480,000 by the US Federal Trade Commission last year as a result.
  • Samsung’s RF28HMELBSR Smart Fridge, designed to sync with Google Calendar was hacked, in order to allow external users to access confidential and personal Gmail and Google Account details.
  • Huawei’s international operations have been compromised and many countries are banning their devices. Japan, New Zealand, Poland and the United States have already banned the Chinese developers from participating in their 5G Networks, whilst Washington is pushing every country worldwide to reject Huawei.
 
Furthermore, people are uncertain over the integrity of these devices in terms of surveillance and spy potential, especially considering confidential details can sometimes be recorded. Conspiracy theories abound that items like Alexa or Google Home are secretly watching you and although these conspiracy theories seem far-fetched, there is no definitive confirmation one way or another. If this data was leaked or mishandled, it could have massive consequences for unwitting or unsuspecting users.  And of course, with all devices there is the risk of the device breaking as a result of external tampering – you only need to imagine the chaos this could cause to daily lives as a result. Think Space Odyssey 2000, only instead of one HAL 9000, it’s a household of gadgets rebelling against you.
 
How can Organisations secure their IoT?
 
There are a few simple measures that you and your business can take in order to ensure your IoT-connected devices remain secure. Below we’ve listed some of the easiest steps you can take in order to keep your information safe.
 
1)    Biometrics – A mere fifteen years ago, biometrics were seen as something only a secret agent would have, yet here in 2019 it's widely used on mobile phones, tablets and plenty of other handheld devices. However, everyone is human and if you accidentally lose your device, you don’t want anyone being able to access your personal data. Imagine if your lighting and heating services were managed by a central hub run on an IoT mainframe. You wouldn’t want someone to be able to control the temperature in your home, or switch the lights off at will! Fortunately, most smartphones have biometrics including fingerprint recognition, facial and voice scanning – all of which is unique and will keep your data secure.
 
2)    De-identifying Data – Although the Internet of Things is designed to gather huge volumes of data, some companies are taking a bold approach to de-identify personal or confidential information without mandatory access and password measures.
 
3)    Firewalls, access monitoring, and traffic monitoring – Setting up firewalls and digital barriers will prevent external malicious agents or unwitting internal staff from accessing and leaking this data.
 
4)    Security Certifications – Major players like AT&T and Ericsson have started to implement new measures on all devices, called the Cyber Security Certification Program. This accolade marks out their devices as being able to collect data on known IoT breaches and share this data with manufacturers, so developers can launch fixes and resolve these threats as quickly as possible. If buying a device in the future, you should make sure whatever you choose carries this certification.
 
5)    Security by design – If you are developing an application internally, you can eliminate a number of potential IoT concerns by developing your application with security in mind. Communicate with a cyber security application specialist and define your needs and app requirements so they can help you create a service that is both secure and capable of meeting customer needs.
 
Conclusion
 
For any business that wants to continue embracing digital technology (which is every business that wishes to continue existing), the Internet of Things is an essential next step. No business can avoid it, so it’s imperative to ensure that all their devices are secure and the data they transfer is safe. Otherwise, the threat of an overarching entity watching over everything we do and interfering with our lives might not be too far around the corner. It’s certainly not ‘Judgement Day’ yet, but if the right measures aren’t put in, then Skynet 2.0 could be a reality sooner rather than later.
 
If you want to discuss your IoT Cyber Security requirements, or you want to find a new recruit to help you manage this process, then contact Via Resource today.