Changing the Narrative Around IoT Security

Sally Eaves 25/01/2022

In today’s connected economy, working together towards a more secure connected future has never mattered more.

We are at a unique milestone moment where multiple vectors of change are converging, from a global acceleration in digital transformation and application development modernisation, to distributed ways of working, and evolved consumer and employee behaviours and expectations too. This is all supported by emergent technology and IT/OT integration, the rise of APIs, 5G and enterprise IoT, and an inevitable explosion in IoT devices. Indeed, by 2024, it is estimated that the number of IoT connections in the UK alone will increase to an incredible 39.9 million.

Whilst this has created dynamic new opportunities to innovate, it has also diversified the risks consumers face and created new risks for businesses, with IoT security now a leading C-suite priority, concerning silicon vendors, software providers and device manufacturers alike. So, what are the key issues and how can we better address them?

The Key IoT Security Challenges

Source: Science Direct

Whilst cyber threat surface areas continue to expand, the scope, scale and sophistication of attacks continues to escalate too. And with new levels of digital-physical convergence, endpoint choice, flexible workstyles and applications everywhere, we have a much wider perimeter to defend – indeed many of the traditional trust boundaries employing perimeter security just no longer exist. From SME to Enterprise, IoT devices with ever more complex anatomy now represent the most vulnerable part of the network – and are present in both employees’ homes and legacy end points. Coupled with expanded supply chains, IoT security is fast moving beyond a technology issue to one of business resilience and continuity.

On average, there are now 5,200 attacks per month on IoT devices, with 7 million data records compromised every single dayTaking healthcare as an example, some 82% of healthcare systems reported IoT cyberattacks in the last 18 months alone. And these breaches can lead to devastating impacts. The average cost of a successful IoT device attack is over $330,000 with losses extending beyond the financial, to data loss, tarnished reputation, and ultimately the risk of losing probably the biggest currency of our time – trust.

And the list goes on! Additional issues include turning data volume into the data value that drives security insights with active intelligence, the complexity of global legislation and resultant fragmentation of standards and regulations, accessibility and consistency across frameworks, testing and best practices, and ambiguity around liability – all highlighted as challenges in the PSA Certified 2021 Security Report. Indeed, tracking where a risk is coming from across the supply chain ecosystem and then identifying how to tackle it is becoming increasingly complex.

About the Author

Dr. Sally Eaves is a highly experienced chief technology officer, professor in advanced technologies, and a Global Strategic Advisor on digital transformation specializing in the application of emergent technologies, notably AI, 5G, cloud, security, and IoT disciplines, for business and IT transformation, alongside social impact at scale.

An international keynote speaker and author, Sally was an inaugural recipient of the Frontier Technology and Social Impact award, presented at the United Nations, and has been described as the "torchbearer for ethical tech", founding Aspirational Futures to enhance inclusion, diversity, and belonging in the technology space and beyond. Sally is also the chair for the Global Cyber Trust at GFCYBER.

Share this article