March 4, 2016

AT&T Pinpoints 4 Key Elements To Achieving Security With The Internet of Things

By Jeremy Daniel

Internet of Things Security The Internet of Things (IoT) is rapidly becoming a part of many of our business processes, often without us even noticing how quickly things are changing. And while it’s liberating to realize that many of the more flawed or tedious processes will be automated and streamlined, freeing up thousands of man […]

Internet of Things Security

The Internet of Things (IoT) is rapidly becoming a part of many of our business processes, often without us even noticing how quickly things are changing. And while it’s liberating to realize that many of the more flawed or tedious processes will be automated and streamlined, freeing up thousands of man hours, the danger is that organizations can lose track of how vulnerable they are to cyberattacks as the points of contact to the internet multiply.

There are a number of questions which must be asked and answered to ensure security, according to a new report from AT&T entitled:

The CEO’s Guide to Securing the Internet of Things,” its second Cybersecurity Insights report.

This new connected era requires that a company assesses the risks faced, that it secures not only its information but the devices processing that information as well, that it aligns the IOT strategy and security, and defines the legal and regulatory issues at hand.

comic-att

The scale of the change which is coming is worth looking at in detail, to reinforce the scale of the change and how vital it is to adapt. Chances are that if your company is not already plugged into the IoT, then your competitors and your partners probably are, and that you will need to be in the next few years. 85% of the organizations interviewed are “considering, exploring, or implementing an IoT strategy.” One third of companies claim to already have over 5, 000 connected devices but worryingly, “88% of organizations lack confidence in the security of their business partners connected devices.” Estimates vary, but experts agree that there will be between 30 billion and 50 billion connected devices by the year 2020.

Tremendous upside

The upside is tremendous. New revenue models and streams from new products that are transforming homes, vehicles and offices are being developed every day, while huge cost savings are being achieved through better monitoring and efficiency of business processes.

jasonYet all that will count for very little in the face of a massive security breach which could potentially cost a company millions of dollars, as well as the trust of its customers and businesses partners. Jason Porter, AT&T’s Vice-President of Security Solutions believes that “organizations need to infuse security expertise early into the process so that IoT is architected for security.”

The good news is that companies are becoming ever more aware of the threats. Two-thirds of respondents to the survey are planning to invest in IoT security in 2016, and half of them are dedicating at least 25% of their budget to the problem. And there is already a real urgency to it. AT&T’s Security Operations Centre has logged a 458% increase in vulnerability scans of devices connected to the Internet of Things.

Mission-Critical Systems

The consequences of a cyberattack via the Internet of Things could be devastating. If one imagines the mission-critical systems of a self-driving car or an airplane being controlled by hackers, one gets a sense of how badly things can go wrong. Yet there are thousands of less high-profile cases that can wreak havoc. The report mentions “threat scenarios where IoT-connected robots or other remotely actuated machines are compromised, potentially resulting in manufacturing errors, equipment or parts damage, or even employee harm.

So how do you create a strategic and proactive security approach to counter these threats? Taking a broad overview, the key is to build IoT security in at the ground floor. A comprehensive risk assessment which incorporates IoT into your general risk profile is a necessary start. This should be done by running a thorough audit of each and every connected device, as well as the communication protocols, networks and applications. You must assess the Vulnerabilities of each element of the IoT mix and map out a worst-case scenario so that everyone is keenly aware of the ramifications of a breach or a malfunction. Try and minimize the exposure of your most critical functions to IoT devices.

Secondly, realise that perhaps it’s not your information that is the primary concern. Perhaps it’s the devices themselves. “By definition, IoT devices don’t just generate data, but also interact in new ways with the physical world, such as controlling the flow of water or electricity. As a result, you must consider operational security threats, as well as information security concerns.”

Supporting The Chief Security Officer

The internal attitudes of your company towards security are hugely important. When an organization’s board is clearly and publicly committed to security, then there is a general understanding and alignment of forces to create a safe and secure environment. Clear lines of responsibility, consistent systems and a culture that prizes security are invaluable assets to your organization. Consider placing the Chief Security Officer on the board as a show of support and faith in the systems.

Finally, it’s vital that your company understands its legal and regulatory requirements and exposures. The report states that “Beyond information thefts or breaches, the physical and operational parameters of IoT devices can open new types of corporate responsibility and liability,” and that the “The use of multiple vendors in most IoT deployments requires that you assess their level of IoT security.

The Internet of Things is new, exciting and brimming with potential as well as threats. While it can feel overwhelming, it’s critical to not wait until it’s too late to start looking at security. By implementing these four steps, your organization will be set to thrive in this brave new connected world.

Read the full report here

This post is sponsored by AT&T Security

By Jeremy Daniel

Jeremy Daniel

Jeremy Daniel is an author, online marketing strategist and a firm believer in the transformative power of mobile technology for emerging markets. Jeremy has written across various media platforms since 2001, from television to advertising to print, and spends most of his time in the beautiful city of Cape Town, South Africa.

Azure Free Tier vs. AWS Free Tier: Which Provides More Value?

Cloud computing has become a cornerstone for the digital transformation of businesses. From startups to [...]
Read more

Lambda Cold Starts: What They Are and How to Fix Them

What Are Lambda Cold Starts? Lambda cold starts occur when AWS Lambda has to initialize [...]
Read more
Katrina Thompson

Why Zombie APIs are Such an Important Vulnerability

Zombie APIs APIs have a lifecycle, the same as anything else. They are born, they [...]
Read more
Steve Prentice

Get Smarter – The Era of Microlearning 

The Era of Microlearning Becoming employable and then staying employable requires ongoing, up to date [...]
Read more

Exploring SaaS Directories: The Path to Optimal Software Selection

Exploring the Landscape of SaaS Directories SaaS directories are vital in today’s digital age, serving [...]
Read more
Steve Prentice

Episode 19: Why AWS Needs to Become Opinionated about FinOps

On today’s episode of the CloudTweaks podcast, Steve Prentice chats with Rahul Subramaniam, CEO at CloudFix [...]
Read more

SPONSORS

Interviews and Thought Leadership

Algirdas Stasiūnaitis

The Future of Cybersecurity: Insights from Cyber Upgrade’s Founders

AI and Cybersecurity: Innovations and Challenges In the rapidly evolving landscape of technology, where artificial intelligence and cybersecurity shape the future of our digital world, CloudTweaks is pleased to present [...]
Read more
Randy

Karen Buffo, CMO of MixMode, on the Rise of AI in Safeguarding Digital Assets

Welcome to our Q&A session with Karen Buffo, CMO of MixMode, hosted by CloudTweaks. Today, we’ll explore the profound impact of generative Artificial Intelligence (AI) on cybersecurity. As AI takes [...]
Read more

How AI Machine Learning Is Enhancing Customer Experience Across Industries

Elevating Customer Satisfaction: AI’s Impact in Every Sector Recent years have witnessed an incredible transformational leap with regard to Artificial [...]
Read more

Leveraging Artificial Intelligence in Insurance Claims Analytics Software Development

Enhancing Insurance Claims Analysis with AI Technology Nowadays, digital technology affects all aspects of our everyday lives, and the insurance [...]
Read more

The Future of Cybersecurity: Insights from Cyber Upgrade’s Founders

AI and Cybersecurity: Innovations and Challenges In the rapidly evolving landscape of technology, where artificial intelligence and cybersecurity shape the [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.