As TechRadar pointed out, Ericsson once predicted that by 2020 we would have 50 billion Internet-Connected Things (IoT). Well, we may not have met that mark. However, there is no doubt that IoT plays an essential role in today’s digitized world. In that Tech Radar piece, Steve Knibbs writes, “From gaining greater insight into operations to streamlining processes, through to new revenue opportunities and creating features which drive value for customers – IoT knows no bounds for innovation.” Despite such an opportunity, there is still a major element holding IoT back. That is cybersecurity. Along with the surge in attacks, the threat landscape has also significantly expanded. Much of that expansion has been associated with the increase in IoT dependency. Although these concerns have been piqued, adoption of this tech certainly won’t stop. Cisco has revised expectations to a total of nearly 75 billion connected devices by 2025. So then, the question is how do we make this established future more secure?
Challenges Facing Connected Devices
There are a number of reasons connected devices are vulnerable and supporting events that demonstrate those vulnerabilities. Bleeping Computer recently summarized them into three main categories starting with hackers. Cybercriminals have quickly taken to building strategies around the widespread access infiltrating connected endpoints can provide. The article points to medical devices as an example of this issue. If a hacker were able to get into an MRI machine, then they could eventually work their way through that to the workstation where images and patient data may be processed and so on.
The second category is the supply chain developed around connected systems. In many industries, the integration of IoT tech also comes with a complex network of third parties meaning that a flaw in one contributor could have detrimental trickle-down effects. For instance, when customers downloaded a malicious update through third-party Orion software, the SolarWinds debacle unfolded.
Third is universal deployment of open source libraries. From viewing a web page to playing a video game, these libraries apply almost everywhere, so an attack on one can be extremely impactful. Case in point, log4j accrued more than 1.8 million attacks in the first few days of its vulnerability being exposed.
Protecting Connected Devices
Now that we’ve set up the types of challenges present, we can move to addressing how we go about handling them. Implementing a layered cybersecurity course of action will help to meet the varying security needs of the many assets involved in an operation. Another aspect of protecting connected devices is automation. By automating, organizations can monitor the software bill of materials attached to each device and manage vulnerabilities beginning at early stages on through postproduction.
As we implement such tools though, it is important to understand that we don’t understand everything. While vulnerabilities like those named above are encompassing, they do not provide a finished picture. There is still a lot to learn about the threats against IoT, including ones that may not even exist just yet. Therefore, when putting a digital hygiene plan into place, whether at a large corporation or individual level, having an open mind will be critical. It’s clear that the environment is constantly evolving and so should a cybersecurity approach.
Looking to the Future
Having a willingness to adjust is especially crucial as we look to the future. A PYMNTS report stated, “we expect to see digital transformation progress as more people engage digitally in more activities more often and as innovators create more, better, relevant and valuable digital solutions that leapfrog physical substitutions or create new ways to access products or services.” IoT is just one part of what has become known as Industry 4.0. As both public and private sectors continue entering this developing technical era, an additional driver is the further integration of 5G networks. The growing connection between all things demands high speed, which 5G seeks to satisfy. According to MIT Technology Review, “JP Morgan predicts that the global enterprise opportunity for 5G will exceed $700 billion by 2030.” Much like IoT though, the wider application of this innovation will likely come with security issues as well. The key will be in having foresight, the willingness to learn and an invested interest in activating proactive cybersecurity frameworks.
Sources:
- “The next wave of security innovation with IoT” – Steve Knibbs, Tech Radar
https://www.techradar.com/features/the-next-wave-of-security-innovation-with-iot - “3 Reasons Connected Devices are More Vulnerable than Ever” – Bleeping Computer
https://www.bleepingcomputer.com/news/security/3-reasons-connected-devices-are-more-vulnerable-than-ever/ - “How the World Does Digital: Digital Transformation Is Now at Only 27% of its Full Potential” – PYMNTS
https://www.pymnts.com/connectedeconomy/2022/digital-transformation-only-27-percent-full-potential/ - “5G private networks enable business everywhere” – MIT Technology Review
https://www.technologyreview.com/2022/05/19/1052138/5g-private-networks-enable-business-everywhere/