The Internet of Things Battleground: Holding off Hackers in a Connected World
‘An Englishman’s home is his castle.’ So goes the famous phrase; though of course it applies to people the world over – when it comes to our homes, we like to be in control. And where is this phrase so ably demonstrated but in the rising trend of the Internet of Things (IoT)?
Consumers now have a myriad of options at their fingers tips, maintaining control of their home’s infrastructure through a variety of mobile device apps – from monitoring the temperature, to turning on lights or checking in on security.
In many ways, this is simply a micro-view of what is happening on a far larger scale within our towns, cities and organizations. The connected world is fuelling huge changes in the way organizations and businesses control infrastructure.
And despite the difference in size and scale, when it comes to cybersecurity risk the challenges faced by both large enterprise and individual homeowners are much the same. The fully connected environments have created a wider attack surface than ever before, a veritable playground for hackers who are now seizing the opportunity to move in and cause havoc.
Aiming to either steal data or simply disrupt the usual process, cyber-attacks are a significant threat to the long-term survival of IoT. Organizations, and indeed consumers, must do all they can to ensure that the objects within their technology environments remain secure.
New World, New Challenges
In the Manufacturing and Production industry specifically, data is of the utmost value. Protecting this data is crucial, and the starting point for any security strategy. However, the very nature of security is in transition.
The scale of the problem is huge. Late last year, Gartner forecasted a 30 per cent rise in the number of connected devices – predicting that by the end of 2016, there would be 6.4bn connected things in use across the world. Moreover, a study published in 2014 found that nearly three-quarters of IoT devices contain serious vulnerabilities and were at risk of cyber-attacks.
There are any number of potential security breaches waiting to happen. From domestic areas such as our kitchens – where one hack forced consumers to reconsider their eating habits after compromised smart-toasters refused to toast anything but healthy, wholemeal bread – through to Steel Mills and Nuclear Facilities or even Air Traffic.
With everything now connected, the impact of security attacks is becoming less predictable. Subsequently, the impact of a breach can have wider implications, going beyond the usual corporate network. Any effective security strategy must have advance knowledge of the dangers of any given scenario – this knowledge can then be put to use in creating the foundation for a secure and safe infrastructure.
How Can Organizations Improve Security?
Adding risk assessments processes into your organization, to better understand the dangers posed by individual network connections is a good place to start. Running both Privacy and Cyber Risk Assessments will give you the best chance of avoiding a data breach.
From there, a fuller insight into the potential impact of a security breach can be developed. Knowing its possible impact, from the havoc it can wreak on partners and customers, through to the internal process it may derail, will help in formulating a plan to combat a hack should one slip through the net.
Next, it’s time to batten down the hatches. Security and protection techniques such as hardening, in which the possible attack surface is reduced, as well as staying up to date on the latest operating system patches and using the latest secure protocols could be the difference in surviving an attack. Additionally, reducing the amount of data being collected means fewer worries over what can go missing in an attack. Ask yourself: is this data mission critical? If not, is it really worthwhile collecting, storing and protecting?
Constant monitoring is also important. You should be the first to know in the event of a breach to give yourself the best chance of acting before customers or stakeholders are affected by the issue.
Finally, simply raising the profile of cyber security awareness across the entire business is vital. Avoiding hacks requires a team effort and the more employees know, the better equipped they will be to stay secure.
The potential impact of IoT is almost beyond measure, offering a wholly new way for even the most traditional industries to operate. However, before we can implement these changes, it is imperative that we plan a safe and secure path on which to do it.