The Internet of Things (IoT) is a hot topic at the moment, with companies and consumers increasingly recognising the benefits of what it can offer. Research firm Gartner has predicted that there will be 26 billion connected devices by 2020, so businesses that ignore the IoT will certainly be left behind in the coming years.
However, a great deal of attention has been paid to the issue of IoT security recently, with a number of high-profile attacks hitting networks and disabling devices. So what should you be doing to secure your connected devices and make sure your data is as protected as possible?
The most recent IoT attack to hit the headlines was the BrickerBot worm, which hacked into and disabled connected devices, rendering them as useful as bricks. It was carried out by a self-styled vigilante, who said that he had done so in order to teach IoT device owners a lesson about security.
The hacker, known as the Janit0r, had attacked devices that had not had the default factory password changed, which he said would have left them open to more malicious attackers, who could have then accessed sensitive information.
Although he caused severe problems for the owners of those devices as they were no longer able to be used, many industry experts praised him for bringing this issue to the attention of device manufacturers and users.
Adam Clark Estes wrote on Gizmodo.com that the Janit0r was his new hero and that although he had broken the law, he had done it for “a valiant reason” in attempting to get the manufacturers of IoT devices to take security more seriously.
Automation in security
Attacks like those are highlighting the importance of keeping the IoT secure. With the Centre for Economics and Business Research having predicted that the IoT will add £322 billion to the UK economy by 2020, it is an industry that will need protection. Eran Barak, chief executive and co-founder of security firm Hexadite, has said that artificial intelligence (AI) and automation are key to securing the IoT.
Writing on InformationSecurityBuzz.com, he said that AI-based security tools are able to “automatically investigate every alert, instead of simply prioritising alerts to match capacity”. He explained that they can automate the collection of contextual information from other network detection systems or logs and “immediately exonerate or incriminate threats,” adding that they can also automate the remediation process, for example, quarantining a file or killing a process.
Automation and AI will also free up human experts to deal with more complicated security problems, which could then allow for greater creativity and innovation in the fight against hackers.
Mobile device management
Hackers could potentially destroy business performance by accessing information they shouldn’t and disabling devices. When this is the reality, companies need to make sure that they’re doing everything to protect themselves.
With so many IoT-connected devices controlled from smartphones and tablets, it makes sense secure them. Leaving these phones and tablets vulnerable to attackers could then pose risks to the devices controlled by them.
It has become vital to have an appropriate mobile device management system in place for firms that allow employees to connect their own devices to company networks. In an increasingly connected world, every device needs to be protected.
The Internet of Things is here and it is now up to everyone involved in the industry to keep it as safe as possible.
Share This Post, Choose Your Platform!
With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.