subscribe: Daily Newsletter

 

The challenge of securing IoT

0 comments

Connected devices are already counted in the billions, and analysts predict these numbers will hit 6.4 billion worldwide by the end of the year. While there’s plenty of business potential in these expanding connections, there’s a big downside however – with security vulnerabilities growing exponentially.
Sherry Zameer, senior vice-president: Africa at Gemalto, explains that because the Internet of Things (IoT) makes virtually every aspect of information governance more complicated, providing hacker-tight security has become more complicated too. With more devices and more information comes more vulnerability.
The past 12 months have seen security become top of mind for many organisations as hackers and cyber-criminals have publically outwitted or outpaced many of the businesses they have targeted across the globe. While financial gain, politics and/or morality have motivated these cybercrimes, other attacks have been and continue to be completely random in nature. With the IoT opening up a world of connected devices and information-sharing, cyber-criminals arguably have access to a whole new playground. This is especially the case where connection is outpacing protection.
“According to the latest research on the IoT conducted by Telecom.com Intelligence, 67% of respondents said that the IoT is more vulnerable than existing services due to the sheer number of devices and connections being formed on the network,” he adds.
While 27% of respondents already experience one attack every month, 25% now manage two to four attacks, with an alarming 6% attacked five to 10 times monthly. Of even more concern is the fact that nearly 10% of all respondents are attacked by DDoS (Distributed Denial of Service) more than 10 times per month, which implies a high level of hacker flexibility. “This type of attack can result in significant reputational damage and impact user trust, increasing customer churn,” says Zameer. “65% of respondents consider it presents unique security challenges for mobile network operators,” he says.
The research also indicates that organisations are most concerned about the infection of additional malware and the risk of other viruses, with 19% of respondents noting loss of connectivity as the biggest risk factor. “These evolving threats put tremendous pressure on service providers to build and strengthen security in the network, and at least 25% or more of respondents expect security spend to increase year-on-year as a result.”
When looking at telecoms operators however, the ability to activate services for customers on-demand is equally important – with 90% highlighting the need to prioritise specific device-generated traffic on their network. “The sheer number of connected objects represents a massive opportunity for mobile operators, but for success of applications in the IoT, reliable and trusted connectivity is essential,” explains Zameer.
Even though the connectivity of IoT devices and sensors presents opportunity in abundance, substantial challenges are limiting this potential. Network operators and enterprise companies alike have to guarantee and manage device connectivity while collecting valuable insight from the data that’s being communicated. Having a dedicated connectivity or enablement platform that is scalable and flexible enough to meet needs is therefore critical.
Linked to this is, of course, security. According to the research, in the context of the IoT, security relates to enhancing service delivery with faster time-to-market (29%), reducing service delivery costs (23%), ensuring scalability for service growth (23%), and improving reliability and performance (23%). “Service continuity is a major challenge when it comes to optimising IoT connectivity and services, not to mention the ability to deliver a seamless solution that includes connectivity, visibility, control and security,” adds Zameer.
The majority of survey respondents (83%) are willing to increase their spending on IoT security, 21% plan to increase by up to 50% their investments while 13% will double their investments on security. As such, companies need to move to strategies where they focus on protecting data beyond the perimeter. Data encryption is proving critical in instances where a perpetrator manages to get past a network’s perimeter defences as they are unable to use the data.
To this end, strong authentication solutions to secure access to the data are being combined with data encryption and encryption management keys to rather ensure “secure breaches”: where the perimeter is accessed but the data cannot be used.
With the next 12 months sure to bring exciting new developments in the IoT space, the stakes remain high. “The threats and risks are unrelenting, and players are going to have to work smartly to keep up. That being said, the opportunity of the IoT to impact and shape our world for the better cannot be ignored – and players need to partner to find solutions that enable it,” concludes Zameer.