• United States



The CSO IoT Survival Guide

News Analysis
Jan 11, 20165 mins
Internet of ThingsSecurity

internet of things 2015
Credit: Thinkstock

The Internet of Things, or IoT, is expected to grow to become a $1.7 trillion market by 2020, up from $655.8 billion it reached in 2014, according to research firm IDC. Many of these devices will be consumer devices, to be sure, but many more will be enterprise and business devices. Gartner estimates that there are more than 1.6 billion business-connected IoT devices. And the growth is just getting started, and will reach 8 billion by 2020.

With billions of newly connected devices coming online within the next four years, security managers are going to find themselves with a new and complex challenge on their hands, as they look for ways to manage and protect not only the availability and security of these devices, but all of the data that they generate that will be needed to store and analyze.

While CSO has been discussing what IoT means for security for a number of years now, the risks are much less hypothetical now, and we are starting to see real world incidents and research, including everything from security systems to automobiles having been shown to be vulnerable to attack. All of this could prove to be a real security headache as everything from corporate fleets to manufacturing floors to smart buildings become “end-points” CISOs must protect.

How are IoT vendors doing so far. Consider this quote from Marc Blackmer,
 product marketing manager, Industry Solutions, at Cisco from this Q&A with Network World editor in chief John Dix: “IoT is the Wild West right now. We don’t know what it’s going to look like, where it’s going. We’re right at the cusp and, while there’s a lot of opportunity, there is an intrinsic vulnerability because too often security is bolted on after the fact. So what concerns me is a rush to market to take advantage of the opportunities and not building in the necessary security and privacy protections, meaning we have to patch that together down the road,” Blackmer said.

While IoT is just ramping up, now is the time for enterprise security teams to get the management of these right, while the challenge is manageable, and CISOs can position themselves in front of the problem. And with that in mind, we’ve handpicked a number of the most relevant features and analysis stories that have recently appeared in CSO to help you get started:

IoT vulnerabilities and implications

Internet of things devices contain high number of vulnerabilities

Security researchers from Hewlett-Packard found 250 security issues when analyzing 10 popular IoT devices

Q&A: The security implications of IoT: A roundtable discussion with four experts

The Internet of Things (IoT) will usher in a new era of network intelligence and automation, but its arrival raises a host of serious security questions. Network World Editor in Chief John Dix explores the topic in depth with four experts.

Black Hat 2014: The challenge of securing embedded devices and IoT on display

Industry doesn’t yet fully realize extent of subversion possible through IoT security, researchers say.

The Internet of Things: Top five threats to IoT devices

Though having so many devices interconnected can be convenient, it also comes a bevy of new threats. Where do we need to be cautious?

Black Hat 2015: IoT devices can become transmitters to steal data

Researcher shows a hacked printer transmitting signals, says other devices likely vulnerable.

Q&A Schneier on ‘really bad’ IoT security: ‘It’s going to come crashing down’

Security expert Bruce Schneier says the Internet of Things will mean insecure devices attached to networks will become attack points and there’s nothing to be done about stopping the problem.

Why CIOs should worry about the Internet of Things

The Internet of Things brings with it the promise gee-whiz applications and life-changing innovation. But one thing’s for sure – there are as many questions as there will be gigabytes of data being poured into your data centers.

Challenges and attaining IoT security and privacy

What the Internet of Things means for security

With more and more objects are connected via technology these days, it’s time to investigate how they can be secured.

ARM acquisition highlights quest to embed IoT security

Chip makers such as ARM and Intel are working to improve security in software and hardware.

Senators to push privacy, security legislation for IoT

Some Democratic senators want new laws that mandate security and privacy measures on the Internet of Things, as concern grows over personal data collected by connected devices.

Interdependence: Good for community, bad for the IoT

Dr. Dan Geer tells audience at the Security of Things Forum that the multiple weaknesses of embedded devices put the Internet of Things, and its millions of users, at high risk.

5 ways to prepare for Internet of Things security threats

Excitement over IoT benefits may soon give way to concern over the uncertain security outlook.

Internet of Things demands security by design

FTC Chairwoman Edith Ramirez takes the stage at CES to caution vendors in the hot IoT space to bake in security and privacy controls, and to give users options to limit data collection.

Five myths (debunked) about security and privacy for Internet of Things

IoT has the potential to enable improvements to so many facets of life, the list is endless. Its primary advancement is enabling the interconnectedness of “things” and resulting insights and synergies. Yet that same connectedness raises concerns for security and privacy that must be addressed.