Industrial IoT Cyberattacks Continue To Rise

Alex Brisbourne

IoT Industrial Security

The Internet of Things (IoT) includes both traditional electronics and everyday ‘things’ embedded with sensors, computing, and networking capabilities. From smart coffee makers and smart homes to smart lighting and smart cities, IoT is all around us. Even cows are becoming smarter with IoT. For example, Wireless sensors tell farmers when cows get sick or pregnant, transmitting 200 MB per cow a year. However, IoT is not without risks. Risks in Industrial Internet can be financial information and trade secrets. Connected cities bear the risks of Safety, financial information and location. Wearables such as Smartwatches and Smartglasses may reveal financial information and location. The IoT is growing faster than our ability to secure it. Based on a report by Cisco, there was a 300% surge in cyberattacks on IoT related devices just last year. Expect cyberattacks to exponentially increase over the next number of years until we can fill the void with IoT related cyber security specialists.

IoT Industrial Security

(Infographic Source: Cisco)

Selecting Security Partners

When you decide to partner with a third-party provider for your Internet of Things solution, you also partner with that third party’s security vulnerabilities.

Fair or not, your customers will hold you accountable for any security breach related to your company, especially when your brand is the face of the partnership. Companies that must maintain security compliance — like those that have to maintain The Payment Card Industry Data Security Standard — can be found legally liable for their partner’s security deficiencies, so more than your brand will suffer if you trust the wrong firm with your business.

The 2013 Target security breach demonstrated the potential scale of damage that businesses can suffer when third-party providers don’t practice proper security. After stealing credentials from a third-party heating, ventilation, and air conditioning contractor, attackers accessed Target’s systems and stole the credit card data of millions of customers.

Despite the security vulnerability resting with the third party, Target received all the bad press that accompanied the breach. Even today, we refer to the attack as the “Target security breach,” so don’t expect your customers to be understanding and place the blame elsewhere if your partner makes a mistake.

As the IoT becomes more mainstream, attacks like the one on Target will become more common while hackers attempt to use backdoor entrances into company networks and systems. More interconnectivity means more opportunities for breaches, so you must be vigilant when it comes to security standards.

Follow these three steps when vetting potential partners to prevent breaches and maintain the trust of your customers:

  1. Do your research. Don’t trust what someone else tells you. Perform your own security audit of potential partners by visiting their data centers, meeting with their IT security teams, and reviewing their security controls. If you don’t have the expertise to conduct a thorough audit, hire a specialist and don’t cut corners. By spending some money now, you could save yourself from losing much more down the road.
  1. Set high standards. Know what security controls you require from your partners. If a company doesn’t meet your standards, don’t just negotiate a smaller contract; refuse to work with it until all the necessary controls are in place.
  1. Continue to monitor. Once you find the right third-party business, don’t sit back and assume everything will be fine moving forward. Meet with its security team at least once a year to ensure your partner continues to follow and improve the security controls identified in the initial audit. If ownership changes or you notice a lot of organizational turnover, perform another audit to identify deviations and make sure the security you need doesn’t take a backseat to other initiatives.

The IoT will only continue to grow. You must prioritize security within your company and your vendors to ensure that dangerous Vulnerabilities don’t accompany that expansion. Be diligent, stay up-to-date on the latest in data security, and demand a partner that takes security as seriously as you do.

By Alex Brisbourne

Marty

Digital Transformation: Adapting Your Business Online

The Age of Digital Transformation There is little doubt that the transition to cloud computing is driving an insatiable demand for digital transformation. Countless organizations around the world are embarking on a program to change ...
Bill Schmarzo

Master Machine and Human Learning to Win the Digital Transformation Wars

The “Economies of Learning” are more powerful than the “Economies of Scale” This may be my most powerful concept (outside of the Schmarzo Economic Digital Asset Valuation Theorem and the Big Data Business Model Maturity ...
Top 10 Tech Job Skills Predicted To Grow The Fastest In 2021

Top 10 Tech Job Skills Predicted To Grow The Fastest In 2021

Top 10 Tech Job Skills Predicted According to Burning Glass Technologies, the two tech job skills paying the highest salary premiums today and in 2021 are IT Automation ($24,969) and AI & Machine Learning ($14,175) ...
Lauren Brunson

The Growing Need to Consolidate Multi-Tenant Environments

Consolidate Multi-Tenant Environments Over the past four months, countless businesses and universities have scrambled to the cloud to enable their employees and students to work remotely during the global coronavirus pandemic. Managed service providers (MSPs) ...
Kaylamatthews

New Security Regulation – Cybersecurity Maturity Model Certification (CMMC)

Cybersecurity Maturity Model Certification Changes are on the horizon for the Department of Defense (DoD) and its contractors. Late last year, the DoD announced the Cybersecurity Maturity Model Certification (CMMC), which officially released in January. The ...
Simplifying and Streamlining Cloud Management with AI

Simplifying and Streamlining Cloud Management with AI

AI Cloud Management Software with artificial intelligence capabilities layered with cloud computing can allow businesses to improve their data management, visualize insights that represent patterns in information, deliver a better customer experience, and optimize their ...