AT&T Pinpoints 4 Key Elements To Achieving Security With The Internet of Things

Internet of Things Security

The Internet of Things (IoT) is rapidly becoming a part of many of our business processes, often without us even noticing how quickly things are changing. And while it’s liberating to realize that many of the more flawed or tedious processes will be automated and streamlined, freeing up thousands of man hours, the danger is that organizations can lose track of how vulnerable they are to cyberattacks as the points of contact to the internet multiply.

There are a number of questions which must be asked and answered to ensure security, according to a new report from AT&T entitled:

The CEO’s Guide to Securing the Internet of Things,” its second Cybersecurity Insights report.

This new connected era requires that a company assesses the risks faced, that it secures not only its information but the devices processing that information as well, that it aligns the IOT strategy and security, and defines the legal and regulatory issues at hand.

comic-att

The scale of the change which is coming is worth looking at in detail, to reinforce the scale of the change and how vital it is to adapt. Chances are that if your company is not already plugged into the IoT, then your competitors and your partners probably are, and that you will need to be in the next few years. 85% of the organizations interviewed are “considering, exploring, or implementing an IoT strategy.” One third of companies claim to already have over 5, 000 connected devices but worryingly, “88% of organizations lack confidence in the security of their business partners connected devices.” Estimates vary, but experts agree that there will be between 30 billion and 50 billion connected devices by the year 2020.

Tremendous upside

The upside is tremendous. New revenue models and streams from new products that are transforming homes, vehicles and offices are being developed every day, while huge cost savings are being achieved through better monitoring and efficiency of business processes.

jasonYet all that will count for very little in the face of a massive security breach which could potentially cost a company millions of dollars, as well as the trust of its customers and businesses partners. Jason Porter, AT&T’s Vice-President of Security Solutions believes that “organizations need to infuse security expertise early into the process so that IoT is architected for security.”

The good news is that companies are becoming ever more aware of the threats. Two-thirds of respondents to the survey are planning to invest in IoT security in 2016, and half of them are dedicating at least 25% of their budget to the problem. And there is already a real urgency to it. AT&T’s Security Operations Centre has logged a 458% increase in vulnerability scans of devices connected to the Internet of Things.

Mission-Critical Systems

The consequences of a cyberattack via the Internet of Things could be devastating. If one imagines the mission-critical systems of a self-driving car or an airplane being controlled by hackers, one gets a sense of how badly things can go wrong. Yet there are thousands of less high-profile cases that can wreak havoc. The report mentions “threat scenarios where IoT-connected robots or other remotely actuated machines are compromised, potentially resulting in manufacturing errors, equipment or parts damage, or even employee harm.

So how do you create a strategic and proactive security approach to counter these threats? Taking a broad overview, the key is to build IoT security in at the ground floor. A comprehensive risk assessment which incorporates IoT into your general risk profile is a necessary start. This should be done by running a thorough audit of each and every connected device, as well as the communication protocols, networks and applications. You must assess the Vulnerabilities of each element of the IoT mix and map out a worst-case scenario so that everyone is keenly aware of the ramifications of a breach or a malfunction. Try and minimize the exposure of your most critical functions to IoT devices.

Secondly, realise that perhaps it’s not your information that is the primary concern. Perhaps it’s the devices themselves. “By definition, IoT devices don’t just generate data, but also interact in new ways with the physical world, such as controlling the flow of water or electricity. As a result, you must consider operational security threats, as well as information security concerns.”

Supporting The Chief Security Officer

The internal attitudes of your company towards security are hugely important. When an organization’s board is clearly and publicly committed to security, then there is a general understanding and alignment of forces to create a safe and secure environment. Clear lines of responsibility, consistent systems and a culture that prizes security are invaluable assets to your organization. Consider placing the Chief Security Officer on the board as a show of support and faith in the systems.

Finally, it’s vital that your company understands its legal and regulatory requirements and exposures. The report states that “Beyond information thefts or breaches, the physical and operational parameters of IoT devices can open new types of corporate responsibility and liability,” and that the “The use of multiple vendors in most IoT deployments requires that you assess their level of IoT security.

The Internet of Things is new, exciting and brimming with potential as well as threats. While it can feel overwhelming, it’s critical to not wait until it’s too late to start looking at security. By implementing these four steps, your organization will be set to thrive in this brave new connected world.

Read the full report here

This post is sponsored by AT&T Security

By Jeremy Daniel

Or Lenchner

Seeing what consumers see: opening the internet with IPPN

Opening the internet with IPPN To remain competitive and profitable, all brands must be data-gatherers. This is part of any brand’s daily routine, but a ...
Human Resources

Web Optimization Could Transform Your Organization – A Cost Containment Strategy

A Cost Containment Strategy With more and more resources available in the cloud, it’s easy to lose track of your costs and handicap the whole ...
Chandani Patel Volansys

Pillars of AWS Well-Architected Framework

Well-Architected Framework Cloud computing is proliferating each passing year denoting that there are plenty of opportunities. Creating a cloud solution calls for a strong architecture ...
Steve Prentice

Episode 1: Why Small and Medium Sized Businesses Need an MSP

Small and Medium Sized Businesses Need an MSP Small and medium-sized businesses don’t enjoy the benefits of a large IT department. What should they consider ...
It Speed

Choosing a New Cloud Provider? Let the Workload Be Your Guide

Improving IT efficiency, delivery, and cost structure There’s no question that customers are embracing cloud for all types of workloads. Whether the workloads are mission-critical, ...
Hacker Cloud

Pandemic and Cybersecurity: Top Threats to Businesses

Pandemic and Cybersecurity The worldwide spread of the COVID-19 virus is coming to naught (or at least we hope so). But the impact that this ...
Aarti Parikh

What are the Capabilities of the AWS Serverless Platform?

AWS Serverless Platform AWS serverless compute services allow to build and deploy applications on AWS cloud without having to manage the servers. AWS serverless platform ...
Jeremy Daniel

Find Competitive Advantage through AWS by Partnering With The Experts

Setting up your cloud configuration is too important to not involve the experts MediaTemple & CloudTweaks Thought Leadership Brand Series So many great business ideas ...
Bill Talbot

How IT Operations Can Survive and Thrive in a Multi-cloud World

IT Operations Can Thrive in a Multi-cloud World IT operations teams are contending with the reality that growing volumes of workloads are running across multiple ...
Mark Kirstein

IT Pros Can Now Deliver a More Streamlined, Cost-Efficient Migration of Microsoft Teams

IT Pros Deliver a More Streamlined Migration of Microsoft Teams In the modern workplace, the ability for employees to collaborate and engage with each other ...