The ‘Internet of Things’ or IoT is set to both change and challenge data privacy for businesses, as its mighty expansion continues on course. For those unfamiliar with the term, the Internet of Things or IoT in short, is essentially a network of internet connected objects able to collect and exchange data. Leading research consultancy group Gartner, have further defined IoT as ‘the network of physical objects that contain embedded technology to communicate and sense or interact with their internal states or the external environment’.
IoT devices are as a result changing the threat landscape in cyber security with embedded ‘smart technology’. The sheer number of devices is something to consider, to fully understand just how much of a threat they pose to data security. Gartner have estimated that 20 billion devices will be in use by 2020, and by 2022 global spending on IoT is expected to reach $1.2 Trillion according to the IDC. The speed of evolution of IoT devices means an increasingly complex system, which offers huge opportunities to businesses as well as greater society.
Spending on consumer devices remains marginally ahead of those from other industries but businesses are fast catching up, for example they are engaging smart electric meters and security cameras to ease everyday activities. However, for the majority of businesses the cyber-security risks of doing so have not been fully explored by companies in terms of their data security. The Harvard Business Review have commented that executives who try to tackle this cybersecurity challenge, ‘with the same mindset and tools that they’ve been using all along are setting themselves up for continued failure’. So, what do businesses need to know? And what should they be doing to keep their data security reflexes supple?
Cybersecurity Risks for Your Business
Thanks to its vast nature, the (IoT) industry is incredibly complex to regulate. Devices are so varied in their purpose (from digital assistants to medical devices like pacemakers and blood glucose machines) that efforts to do so have been patchy at best. Bruce Schneier, a lecturer at Harvard argues and author of “Click here to kill me” told the New York Times that “only government intervention can save us from such emerging calamities”. The director of National Intelligence in the U.S. was too in agreement of their danger to national security of risks involved in employing multitudes of IoT technologies.
But tech companies and smaller suppliers of smart IoT devices are more concerned with driving growth and pushing sales, than pausing to consider the effects of how vulnerable un-regulated smart devices accessing confidential company data. For example, digital home assistants, like Alexa and Google Home, have submitted patent applications to remove the need for a wake word to activate the listening powers of the device. In the C-suite, the presence of such a digital assistant, could impose a huge threat to confidentiality and data privacy.
Yet, researchers are positive that IoT can be leveraged for enhanced business success as long as management are proactive. A common pitfall, according to Deloitte, for businesses integrating IoT technology is ‘failing to create a comprehensive cyber-physical security system’. Security experts agree that the best way to approach IoT security is to remove 100% human responsibility and instead reply on an intelligent security system, one that can understand IoT technology at a deeper level that human interaction can. Businesses who fail to identify the need for an intelligent security system will suffer the consequences of thousands of cyber security weak spots.