How the IoT Will Change (Almost) Everything in Cybersecurity

Organizations looking to build or adopt connected devices should educate themselves and seek to address a few key questions.
By Brian NeSmith
Jun 18, 2017

The Internet of Things is growing fast, with an estimated 8.4 billion devices expected to be connected this year. As a result of that rapid expansion, the IoT is reshaping the way in which we think about corporate cybersecurity by increasing the attack surface, potentially adding billions of network points of entry for cybercriminals—each one an additional target to be compromised.

Gartner put security at the top of its list of the top 10 IoT technologies for 2017 and 2018, and recent research validates the high priority of cybersecurity and connected things among businesses. One recent survey at Black Hat USA 2016 revealed 70 percent of IT experts who responded indicated that their organization wasn't prepared for IoT-related threats.

While these statistics are real, there also exists a great deal of hype in the market, painting a grave portrait of the IoT and its unique requirements as the grim reaper for businesses. IoT security is a real concern, with open-source cyber-threats like Mirai already showing its potential, but businesses shouldn't believe every scary tale they hear. An attack on any one endpoint doesn't necessarily have to mean all systems are compromised or crippled.

Organizations looking to build or adopt connected devices should educate themselves on how additional endpoints change their threatscape, and should seek to address a few key questions:

What New Vulnerabilities Is the IoT Creating for the Network?
New vulnerabilities are created not just by the expansion of entry points, but by the nature of those entry points. Some of the more common vulnerabilities and concerns that businesses need to prepare for include:

• Insecure Web interfaces: "Internet" is in the name, so step one of IoT security is to make certain the connections themselves are secure.

• Insecure endpoints: Each endpoint is open to an attack, so any that aren't equipped with antivirus software could be infected with malware, opening up the gates to the rest of the network. Businesses will need to keep a watchful eye on how endpoints are behaving and interacting with the rest of the network.

• Mobile interfaces: The IoT happens everywhere, so ensuring a secure mobile strategy is imperative, including monitoring credentials and any accidental exposure.

JOIN THE CONVERSATION ON TWITTER
Loading
ASK THE EXPERTS
Simply enter a question for our experts.
Sign up for the RFID Journal Newsletter
We will never sell or share your information
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations