Inside Secure forecasts increased security needs as the IoT market continues to grow
Gartner predicts the number of “Internet of Things’ devices in use worldwide will grow from an estimated 5 billion in 2015, to some 25 billion connected devices by 2020. The best business strategies will perfectly balance the ever-growing IoT market opportunities versus a rapidly evolving threat environment. To help IoT solution providers define their 2016 product roadmap, here are some of Inside Secure’s top IoT predictions for the year:
IoT hype will become reality
For the past few years, we’ve been inundated with stories of IoT solutions that were either ahead of their time or just outlandish ideas not aimed at solving any pressing problem. Today, IoT use cases that once seemed to be material for sci-fi movies are part of our every day digital life. The recently released Adobe Digital Trends Report indicates “51% of smartphone owners have already interacted with home electronic IoT devices.” Imagining a world where you wake up and your house is already heated to a comfortable temperature and your coffee is ready – not based on a preset time, but based on when you actually woke up doesn’t sound so crazy anymore. In 2016, there will be a growing number of authentic success stories where the IoT provides real value to consumers and enterprises.
Hacks will increase in scope and complexity
The IoT will become an ever more fertile attack surface for governments, cybercriminals, “hacktivists” and even terrorists. As IoT creates many new – and potentially more harmful, even lethal – security threats, hackers will exploit IoT vulnerabilities not only for political or financial gains, but also for thrill seeking, technical hubris and moral reasons by targeting companies they believe are negligent or doing wrong. A series of high-profile car hijackings in the summer of 2015 opened the eyes of consumers and device manufacturers to the dangers of IoT. But this is just the tip of the iceberg ¬– many IoT devices can become a potentially lethal weapon if hacked ¬– and in 2016 we will see the number and complexity of threats to IoT device users increase.
Greater data privacy issues will be exposed
The volume and type of data collected by IoT devices and stored in the cloud can expose extremely sensitive information (such as real‐time biometric and health information, personal behavior and eating habits, and location) in a variety of formats. Smart devices like coffee makers, refrigerators, baby monitors, cars, wearables and medical devices, are often owned by wealthier and therefore more lucrative targets. As a result, data privacy threats, like ransomware, will extend to IoT devices, which collect personal information, but lack appropriate security features. In 2016, this data will increasingly be used by criminals to threaten a collision among connected cars, exposure of personal information about a user’s home electrical and water usage to the highest bidder for nefarious purposes, or the locking of a medical device unless a ransom is paid.
IoT security standards will evolve
New standards are critical for ensuring secure and interoperable IoT devices. Today the consumer IoT market is loosely regulated and lacking security and safety standards. Other markets, such as medical, manufacturing, automotive and transportation, have security and safety standards that must be updated to include IoT devices. In 2016, IoT device makers and solution providers will either help to define new IoT ecosystem security standards that ensure both the efficiency and security promise of IoT are realized or be threatened by lawmakers into compliance.
Manufacturers will get serious about security
In 2016, security will become a competitive differentiator as enterprises and consumers become more security conscious. In turn, IoT device manufacturers will stop treating security as an after thought and start implementing security during production. Vendors that anticipate and bring best-fit security to the IoT market will help device manufacturers address the need for authentication, secure communication, information protection and user privacy. IoT solution providers that are able to balance the value of a hack versus the associated risk and costs of implementation will be able to defend a competitive advantage.
As our daily lives become more digitally dependent, our computing needs are changing, and our security stance must change from reactive to proactive. I believe 2016 will mark a turning point in the IoT industry. Key industry players will collaborate more effectively to see that new security models and standards that address the unique security demands of IoT are implemented. As consumers and enterprises begin to demand products with built in security features, including authentication and encryption capabilities, the industry will respond to ensure that the entire IoT ecosystem is protected because we stand to lose too much if we spend another year taking the wait-and-see approach of years’ past.