The top 3 hot spots for federal IoT security

We are closer than ever to enjoying the benefits of IoT, so let’s not forget these things need to be secure. It’s a promising technology that must be wrapped with security from the get-go. If we don’t get it right, the consequences can literally be life or death.

Internet of Things city superimposed on padlock
Thinkstock

We’re now just a few weeks into the federal fiscal year, and one of the top focus areas, from an IT perspective, is the role that the internet of things (IoT) will play in federal technology. The federal IoT addressable market will be at least $3 billion in FY18. In many ways, it’s a much hotter trend than cloud was five years ago because it touches users directly. But like cloud, we would be right to be cautious about the cybersecurity implications of IoT, from the edge of the network (sensors and nodes) to the platform where the analytics software and applications sit.

Government agencies are particularly concerned with security at the sensor and gateway level – after all, just one compromised sensor can cause immeasurable security problems. But it’s also important to secure the data streams back and forth from the platform. That can be a daunting task because government users need to centrally manage these various aspects of IoT with middleware and platforms.

As IoT gains ground in government, we need to be especially mindful of three priority areas where cybersecurity must be carefully managed: the battlefield, heath IT and state and local government. Let’s look more closely at each.

Battlefield

In the long term, IoT in the Department of Defense will center on the concentrations of sensors and data in the battlefield. The stakes are higher here, and so are the challenges – remote, harsh and forward environments leave sensors very exposed. But because it’s literally a matter of life and death, it’s critical to secure these devices, especially the sensors and gateways that make up the edge in a hostile environment.

Access at the edge is likely to be very intermittent, very limited and very costly.  There are opportunities for solution providers to find secure ways to make IoT work in austere and disconnected battlefield environments.

Health IT

Health monitoring devices connected to mobile networks provide real-time analytics and alerts when there are fluctuations in patients’ vital statistics. Again, because patients’ lives are in the balance, it’s essential to have cybersecurity address both endpoint and mobile network defense.

But securing devices at medical facilities doesn’t end with heart monitors; it covers all connected medical equipment. The sensitive mission for government healthcare and the need to maintain working facilities at all times makes cybersecurity paramount in this area.

State and local

By some estimates, state and local governments will invest $101.3 billion on IT this year. A good portion of their budgets will be spent on cybersecurity, triggered by IoT and how it’s being used for smart cities projects. State IT executives are more aware of IoT cybersecurity implications than at the federal level because they provide services and critical infrastructure that touch citizens more frequently and directly.

One breach can cost a municipality dearly. Oakland County CIO Phil Bertolini recently said that the cost of a breach can be as much as $240 per record. Multiply that by the number of records affected by a typical attack and the cost quickly becomes staggering. It’s no wonder that cybersecurity concerns for IoT at the state and local level are such a subject of concern.

As we go further into the era of IoT, it’s important to remember that it wraps around all technology categories, and requires data to be properly connected, automated, analyzed, stored and secured. IoT involves not only sensors and devices but also data collection, dissemination, analysis, infrastructure and the cybersecurity that protects it all.

We are closer than ever to enjoying the benefits of IoT, so let’s not forget these things need to be secure. It’s a promising technology that must be wrapped with security from the get-go. If we don’t get it right, the consequences can literally be life or death.

This article is published as part of the IDG Contributor Network. Want to Join?

SUBSCRIBE! Get the best of CSO delivered to your email inbox.