Security and the Potential of 2 Billion Device Failures

IoT Device Failures

I have, over the past three years, posted a number of Internet of Things (and the broader NIST-defined Cyber Physical Systems) conversations and topics. I have talked about drones, wearables and many other aspects of the Internet of Things.

One of the integration problems has been the number of protocols the various devices use to communicate with one another. The rise of protocol gateways in the cloud service provider market is an incredibly good thing. Basically, this allows an organization to map sensors and other IoT/CPOS device outputs to a cloud gateway that will connect, transfer and communicate with the device – regardless of the device’s protocol of choice.

Racing out of the Gate

horse-race-1507078_640

What the new gateways do is remove integration as a stumbling block for ongoing and future IoT solutions. Pick the wrong horse in the initial protocol race? With a gateway, it doesn’t matter. You can, over time, replace the devices deployed with the orphaned protocol and move forward with your system. The cloud service provider protocol gateway gives you the flexibility to also consider deploying multiple types of sensors and protocols, instead of limiting your organization to one.

The question going forward is this: does the integration provided by the gateway give rise to the broader concept of an IoT broker? This is where the services offered by IoT devices could be parsed out and shared within organizations and companies that are members of the broker. Think of it as being like a buyer’s club for sensors.

From my perspective, the issue that keeps me awake at night is IoT device security. For the most part, IoT devices are often ‘fire and forget’. Yes, occasionally, you may have to change a battery or replace a cellular connection. Sometimes you may have to update how the device is deployed. Others just aren’t going to be attacked because you won’t gain anything. I read an article that wrote about hacking the river monitoring system, causing a flood downstream. I thought about that for a long time, and I realized the reality of flooding is we know when it coming and everyone would be out there with manual measurements anyway. That would work. There are other ways to create an effective attack through the IoT.

It is the security of IoT devices that will become more and more troublesome. Firstly, because the number of them is growing rapidly. From 10 billion or so deployed in 2015 to more than 40 billion devices deployed by 2020. That’s 4 times the devices in the next 4 years.

If we consider the reality of devices, that means that many devices that are deployed today will still be deployed in 4 years. The cost of devices and often the capital expenses for hardware are spread over 3 to 5 years. That means a growing number of devices will be already deployed by 2020. It isn’t a run to the cliff and then leap into 40 billion deployed devices.

2 Billion Device Failures

IOT-DEVICES-BW

What scares me is that there are 10 billion or so devices deployed today. Logically, 2 billion of them will fail. 2 billion more will be replaced naturally. That leaves 6 billion devices deployed with the security solutions of today – that will rapidly become obsolete. That is a fairly expensive number to replace. The gateways mentioned earlier in this article will suddenly appear again. Today, they represent a way to bring multiple IoT protocols together. In the future, they will become the best line of defense for deployed devices.

Deploying secure solutions at the gateway level will be the best defense against attacks for IoT devices that do not have integrated security. The next-best thing would be the deployment of devices with easily removed security modules, but that is a consideration for upcoming devices – not ones deployed today.

A secure IoT future – enabled by a simple cloud gateway.

By Scott Andersen

Data Fallout.png
Disaster Recovery Plan.png
Holiday Photos.png
Viral Infection Wearabletech
The all-new Stellar Repair for MS SQL – an Efficient Tool to Fix SQL Database Corruption
Efficient Tool to Fix SQL Database Corruption SQL database corruption is not uncommon. There are many reasons for SQL database corruption, such as virus infection, bugs in the SQL Server, errors during updates, abrupt system ...
MIT
Smart Manufacturing Startups AI and machine learning's potential to drive greater visibility, control, and insight across shop floors while monitoring machines and processes in real-time continue to attract venture capital. $62 billion is now invested ...
Louis
Why Services CPQ Is Too Slow Today When PS organizations compete in sales cycles, the first competitor to have a complete quote with accurate pricing, schedules, and an engagement plan will often win. However, getting ...
Jonathan Custance
IoT and cloud computing are on the increase High-profile cybersecurity breaches are increasingly in the news, a prime example being the NHS incident of May 2017 when services were brought to a standstill for several ...
Gary Bernstein
WordPress Website Security You've spent time, effort, and money building your website, so don't let it become outdated and run-down by not taking proper care of it. Here are tips on WordPress Website security, speed, ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.