Managing IoT Data SECURITY RISKS

8669838901?profile=original

We are surrounded!  Smart devices are everywhere and being integrated into all facets of our lives, from toothbrushes to automobiles.  Entire cities are becoming ‘smart’, as are factories, governments, global retail, freight logistics, and all national critical infrastructure sectors.  As individuals, we are becoming hubs for multiple connected devices in our homes and on our persons.  Phones, watches, health monitors, medical devices, and clothing manufactures have joined in to develop connected apparel and accessories.  Cameras, doorbells, appliances, televisions, thermostats, voice assistants, and light fixtures are just the beginning of the digitalization of our homes.  These wonderful tools of the modern world, some no bigger than a coin, provide amazing capabilities and tremendous convenience; they connect and enhance our lives in amazing ways.

Unfortunately, they also introduce equitable risks.  The aggregated risks from all the Internet-of-Things (IoT) devices, now approaching 50 billion in number, adds up to a big problem for everyone. 

Sadly, the dark secret is that IoT and their close cousins Industrial IoT (IIoT) devices which we typically embrace, are very insecure.  These systems are notoriously hackable; the data they create and share is often vulnerable to exposure, and the devices themselves can be leveraged as a platform by attackers to target more important systems in our lives.  IoT insecurity represents one of the next great challenges for the technology industry that is struggling to preserve the trust of consumers from cyber threats which are easily finding ways to undermine the security, privacy, and safety of users.

Most IoT devices are miniature and very limited when it comes to the computing resources necessary for secure capabilities.  It is difficult to know who owns or possesses them, if they have been hacked, and if they are acting in undesired ways.  This makes IoT devices not very trustworthy.  To compound the problem, IoT devices tend to share data over insecure networks like wireless and the Internet.  This mix is a recipe that cybercriminals and hackers enjoy.

The functional backbone for IoT devices is all about gathering, processing, and sharing data.  One of the primary challenges is to protect the data going to and emanating from the devices.  Legacy technology largely fails when it comes to secure communications at this scale and difficulty.  More comprehensive, effective, and sustainable capabilities are needed to keep pace with evolving threats.

Connecting IoT technologies to share data securely is difficult.  Some standards exist for specific use-cases, such a web browsing, but most of the emerging IoT devices and services require a synthetization of architectures, algorithms, and compatibilities that current solutions don’t satisfy.  That is why we are seeing a flood of IoT compromises and the future advances of hackers will only increase the victimization unless something extraordinary happens.

Where there is innovation leadership, hope survives.

Protecting digital data is important for everyone.  Andy Brown, CEO of Sand Hill East, and I penned a joint article Managing IoT Data Breaches, that was published in the Sept 2020 issue of Cybersecurity Magazine, describing the scale and complexity challenges of IoT data protection.  Innovation is needed to safeguard data in the new digital landscape!

 

After 30 years in the industry, I anticipated the future needs and realized the upswell of insecure devices would put everyone at risk if sensitive data could not be protected.  I joined the Eclipz team as an Advisory Board member to help advance and tailor the greatly needed capabilities into the commercial market for everyone’s benefit.  The Board of Directors asked that I join a stellar executive team as the CISO to further help empower the best technology to make devices and the global digital ecosystem more trustworthy. 

Eclipz is an elegant and robust capability to connect untrusted endpoints across insecure networks in ways that protect data from current and evolving threats.  Eclipz is not a product unto itself, but rather an architecture and code integrated into everyday products and services, empowering them to communicate securely.  That makes it ultimately scalable.  It can be applied to protect a vast array of devices, infrastructures, and experiences across every market, making the technology and services people use more secure by protecting the flows of data. The explosion of IoT devices poses one of the greatest attack surfaces ever known and must be better secured.  Eclipz technology can strengthen the foundations of IoT ecosystems for the benefit of the global digital community.

E-mail me when people leave their comments –

CISO and Cybersecurity Strategist

You need to be a member of CISO Platform to add comments!

Join CISO Platform