As the next industrial revolution, the Internet of Things (IoT) offers not just incredible opportunities for value creation but also presents infinite possibilities to potentially impact on how human beings live, work and interact with technological devices. Whether it is about remotely analyzing how your car performs, using your smartphone to switch on and off the lighting system of your home, or using automated management of your workplace, IoT is already making a seriously impactful entrance into various aspects of the way we live and work today. Astonishingly, this is just the beginning, and it is set to grow a million folds with many analysts predicting that there will be over 26 billion connected devices by 2020 and over 80 billion connected devices by 2025. If these numbers are anything to go by, it is understandable as to why IoT is increasingly becoming a topic of discussion not just in the workplace and in businesses, but also in our daily lives.
In essence, IoT is the ability of a new category of devices to connect, communicate and transfer data to each other with little or no human involvement, and is already carving out a huge place for itself in the consumer market. Variety of devices such as thermostats, smart home locks, as well as lighting and energy monitors are already integrating tiny computer chips, multiple sensors and communication devices to facilitate communication between these devices and other computing devices including smartphones, laptops, computers and cloud servers.
Simply put, IoT is a massive network of connected devices allowing a communication, such as; machine to machine (M2M), people to things and people to people.
Benefits of Internet of Things to Businesses Organizations
With the above-mentioned capabilities, there is no doubt that IoT offers people, businesses and enterprises a plethora of concrete benefits. IoT offers people and businesses alike the possibility of reducing operational costs, making more accurate decisions and receiving information in real time, among many other tremendous benefits. For instance, IoT healthcare devices will afford people the chance of fully and deeply look at their own health without having to rely on a doctor.
The latest studies indicate that more than 25% of business organizations have already implemented IoT solutions into their systems, and it is expected that this number would swell close to 50% by the end of 2018. This is because businesses are increasingly convinced on the benefits of IoT in terms of enhancing productivity and reducing operational costs.
Are Businesses Pausing to Consider Colossal Cybersecurity Risks Associated with IoT?
It is very clear that manufacturers, vendors and customers (which include businesses and individuals) have joined the full-speed IoT bandwagon and are probably only concerned with its benefits going into the future. However, the question is; are they pausing, even for a minute, to deliberate on the huge cyber-security risks that they are exposed to as a result of implementing IoT solutions?
Apart from the influx of entry points that IoT can create in a business, especially in organizations where Bring Your Own Device (BYOD) policy is allowed, there are currently no Cybersecurity standards for IoT solutions and devices. In other words, the use of IoT can create an abysmal cyber-security hole in businesses and homes alike. Take a moment to consider this; how do you upgrade the operating system (OS) of a smart home lock? No idea. This only brings forth many more questions.
Suppose you cannot upgrade an OS on your IoT device or solution. Then, how can you cover any weaknesses or exposures? In such a scenario, getting hacked will leave you and your business in a pretty terrible network of vulnerability after vulnerability.
That is why there are a growing number of IoT hacks and breaches making headlines every now and then. Add this to the fact that researchers are strongly predicting that 25% of cyber-attacks will solely target IoT devices by 2020, and it becomes obvious that businesses are in a pretty disastrous position as far as IoT cybersecurity is concerned.
According to Symantec, over $3 billion were lost in the last three years through email scams sent to over 400 companies every day!
While a study by MoneySupermarket shows that UK consumers are conscious of the security risks that are associated with IoT devices, many businesses tend to disregard these threats and are more concerned with its cost-saving benefits. Worryingly, 54% of businesses using IoT devices do not involve the use of third-party security tools to safeguard their devices from outside hackers and inside threats. Again, close to 35% of businesses using IoT devices do not regularly change their default passwords, making them even more vulnerable to sustained attacks.
Without being too dramatic, it is true to say that today’s IoT landscape is almost akin to the early days of the internet where users were plagued by serious worms, viruses and email spams. Lots of businesses and companies raced to be part of the internet ‘bandwagon’ without properly considering the significance of cybersecurity, and history is repeating itself under our very own eyes.
So, when talking and looking at the benefits of IoT devices and solutions, businesses and individuals alike should seriously take into consideration that IoT devices could potentially aid in the wiping out of organizations, businesses, cities or even the human race should they end in the hands of dangerous and unregulated minds.
What are the Solutions to these Evident Security Flaws of IoT?
To begin with, all stakeholders should come together to ensure that proper security standards are effected on business-installed IoT devices. For instance, there should be a certification to enable consumers to know and only use trusted and secured devices. Should a device be deemed insecure and a threat, it should be isolated and its certification is withdrawn.
Again, IoT manufacturers and vendors should ensure that their devices can be upgraded and patched in the event of any vulnerability and should also ensure that their IoT devices are free from any known vulnerability before hitting the market. This is already underway in the United States with the new proposed bill, The Internet of Things (IoT) Cybersecurity Improvement Act of 2017.
On their part, businesses should double or even triple their cybersecurity budget in order to totally protect the organization against risks and threats that may be brought by IoT devices.
There is no doubt that IoT is the in-thing; an industrial revolution that will potentially transform the world and change how businesses operate and the way people go about their everyday tasks and schedules. However, all stakeholders should take IoT security seriously and not just as an afterthought. These devices should be secure both by design and default and business should prioritize IoT security on all fronts. Without this, IoT devices will be ticking time bombs and businesses will be walking directly into unfathomable security apocalypse.