- by Lyndon_Henry, Blogger
- 1/5/2017 4:22:36 PM
It blows my mind that, after all the repeated talk about the risks of IOT that there is still this problem of the underdeveloped security aspect.
I was interested in what the outlook for IoT (particularly security considerations) was in 2017. A Google search found the following rather informative Forbes article from just a couple of days ago: Internet Of Things (IoT) Outlook For 2017.
There's a lot of interesting issues to discuss here, but what especially caught my eye was the summary outlook for IoT security:
Security gets its due. We finally began to take security seriously in 2016, largely because we saw IoT hacks. The big denial-of-service attack in October, and the potential of a drone injecting a malicious virus via lights (from outside a building), caused great concern throughout the industry. We saw some solid announcements, such as the Industrial Internet Consortium releasing its security framework. With all the new vulnerable devices now being put into service, 2017 will see hackers continue to exploit IoT systems. Expect large scale breaches, as hackers look for newly connected devices in the energy and transportation areas.
The section starts out sounding comforting ... until you get to the last two sentences:
With all the new vulnerable devices now being put into service, 2017 will see hackers continue to exploit IoT systems. Expect large scale breaches, as hackers look for newly connected devices in the energy and transportation areas.
- 1/3/2017 8:30:05 PM
The grand vision of IoT has always had "pie-in-the-sky" dreams of it intersecting across every avenue of consumer and enterprise life. IBM's collateral going back to 2010 or so indicates as much, for instance.
Now that we're getting closer to reaching that reality, however, only now are the data-privacy, cybersecurity, and other downsides becoming more readily apparent of that IoT vision.
- by Lyndon_Henry, Blogger
- 1/3/2017 4:37:34 AM
T Sweeney writes
Pretty safe to predict that in 2017 marketers will start to back away from how great and connected the IoT is. If they're smart, they'll focus on locking down its numerous vulnerabilities.
IoT made sense to me on a small scale, mainly industrial or commerical. I was impressed by that Amtrak maintenance manager's ability to access data on his smartphone about all the locomotives in the Amtrak system (running or stationary) at any point in time.
It seems to me all the developers and vendors associated with IoT were both starry-eyed (unrealistic) and greedy with respect to the expansion of the system to just about everything. The implications in terms of sensors alone seemed staggering to me.
The security issues clearly have been grossly underestimated and ignored, and I would second the call for a focus on locking down vulnerabilities.
- 1/1/2017 1:36:41 AM
@T Sweeney: Indeed, it's hard enough for IT managers to keep up to date on their patching and patching needs in a "regular" environment -- let alone one where IoT is thrown into the mix!
At an IoT security conference I attended earlier this year, a number of vendors presented themselves as concerning themselves and their customers with this very issue -- helping customers to manage patches, certificates, and the like for their IoT-enabled networks. The demand appears to be there, too.
- 1/1/2017 1:35:05 AM
@Broadway: The funny thing is, even though the Dyn DDoS attack T Sweeney references happened only this year, IoT botnets taking down the Internet already had a proof of concept more than three years ago.
And people ignored the signs then, too.
- 1/1/2017 1:34:04 AM
@T: I think that reputation will come back. We still have all kinds of cloud computing buzz, after all -- despite all of the cloud hacks we've faced.
And people still shop at Target and Home Depot. ;)
- by Broadway0474, Blogger
- 12/31/2016 5:40:58 PM
It blows my mind that, after all the repeated talk about the risks of IOT that there is still this problem of the underdeveloped security aspect. What gives?
- by T Sweeney, Blogger
- 12/31/2016 3:01:44 PM
Agreed, @Zimana... but a big chunk of managing technology is updating and patching and closing off software vulnerabilities, and so far, IoT has done a terrible job of managing the security side of things.
That doesn't make it unique in the cosmology of technologies that enterprises use, but its highly distributed nature creates wide-scale vulnerability that should give everyone pause.