Who will ensure security in IoT?
13 Jun, 20195 minutesSoon, we’ll be raiding our smart fridge for breakfast, travelling to work in connected cars,...
Soon, we’ll be raiding our smart fridge for breakfast, travelling to work in connected cars, and having meetings arranged by Alexa. But with this proliferation comes a heightened risk of cyber-attacks.
Security concerns in IoT
While IoT popularity is rising, so too are the associated risks. From designers and manufacturers to the people operating the IoT systems on their devices, there are many dangers.
Just some of the security concerns include:
- Weak passwords
- Poor privacy protection
- Insecure ecosystem interfaces
- Outdated components
- Insecure data transfer
- Poor physical hardening
And there are many more.
Why security is important in IoT
A survey carried out in 2019 found that eight in 10 organisations experienced cyberattacks on their IoT devices over a 12 month period. 90 per cent suffered from downtime or compromised customer data/safety as a result. Not only does that put customers at risk, but the average cost of a cyber-attack on IoT devices is estimated at more than $330,000 per incident.
Evidently, it’s in everyone’s best interests to prevent this from occurring. But where does the responsibility lie?
Public and private sectors working together to improve security in IoT
Governments are beginning to realise their responsibility in ensuring the safety of the IoT, but politicians and legislators are limited in their knowledge of the devices. So, it’s up to private organisations to plug this knowledge gap and collaborate with politicians to effectively police the IoT.
For some, this is already happening. Amazon, Miele, Panasonic, Yale, Philips and Samsung have been consulting with the UK Government, and all have identified a need for the security of IoT devices to be prioritised during design and development.
Who is needed to secure the IoT?
With 46 per cent of unprepared organisations stating that they lack the skills to address these issues, companies should look to individuals who can pave the way for safer devices.
To effectively secure the IoT, you need the right talent. As the IoT grows, the demand for such workers will increase dramatically. The problem is that cybersecurity experts with previous experience in the IoT will initially be hard to find, as the technology is still in its relative infancy.
Organisations will have to broaden their search to include candidates with related experience. Alternatively, existing cybersecurity team members can be upskilled while contract or freelance experts offer another short-term solution. They can plug any skills gaps whilst team members are trained-up, or permanent employees are recruited.
What to look for in an IoT cybersecurity candidate
Generally speaking, a strong IoT cybersecurity recruit will show knowledge of end-point device security and life cycle management. They’ll have wireless networking experience – including potential security vulnerabilities – and know how to do a risk analysis of specific devices.
Beyond your cybersecurity team, other employees should understand their part in keeping IoT devices secure. Everyone should be aware of the IoT risks and how they can prevent data leaks or hacks; using unauthorised IoT devices, for example, must be avoided. Regular checks of the equipment are essential, as is adapting any existing security and IT policies to consider IoT devices.
Everyone must be involved to ensure consistent security in IoT
The IoT is a widespread change for all organisations and industries, so it’s little surprise that securing it is an industry-wide, public and private affair. With technology as vast as the IoT, every party with a vested interest must play their role.
It’s only by working together that we can make sure the IoT is a force for good and can meet its full potential. For each organisation, that effort begins with talent. Without skilled people involved, any effort to secure the IoT will be haphazard and ill-informed.
We source the best expert individuals locally and internationally for a range of IoT and cybersecurity roles. Get in touch today.