Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Partner Conferences
  • Newsletter
  • Subscribe
  • News
  • About us
Apac

  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Cloud

    Cyber Security

    DevOps

    Drone

    HPC

    Internet of Things

    IT Services

    Networking

    Robotics

    Simulation

    Smart City

    Startup

    Storage

    Unified Communication

    Web Development

    Wireless

  • Automotive

    Banking

    Compliance

    Construction

    E-Commerce

    Education

    FinTech

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Travel and Hospitality

  • IBM

    Intel

    Microsoft

    Oracle

    Salesforce

    SAP

  • Business Process Management

    CEM

    Cognitive

    Collaboration

    Contact Center

    Corporate Finance

    Data Center

    Enterprise Asset Management

    Enterprise Performance Management

    ERP

    Field Service

    Fleet Management

    Gamification

    HR Technology

    IT Service Management

    Managed Services

    PLM

    Procurement

    Project Management

Menu
    • Agile
    • Banking
    • SAP
    • Cloud
    • Cognitive
    • Compliance
    • Contact Center
    • Cyber Security
    • Sports
    • Procurement
    • Corporate Finance
    • Gov and Public
    • Healthcare
    • HR Technology
    • Media and Entertainment
    • Managed Services
    • Manufacturing
    • Construction
    • Logistics
    • Oracle
    • Wireless
    • Retail
    More
    Cyber Security Sports Procurement Corporate Finance Gov and Public Healthcare HR Technology Media and Entertainment Managed Services Manufacturing Construction Logistics Oracle Wireless Retail
    ×

    Subscribe to our Newsletter

    news
    news

    Join our mailing list for the latest articles, news, and exclusive insights from prominent technology leaders

    loading
    SUBSCRIBE

    Thank You for subscribing with us. We sent you an email regarding this.

    news

    • Home
    • Internet of Things
    Editor's Pick (1 - 4 of 8)
    left
    Digital transformation - Gaining Momentum in Operational Technology (OT)

    Martin Schlatter, CIO and Regional CEO, APAC, NTT Security

    Connecting dots the IOT way!

    Sunil Singh, Regional Chief Information Officer, Coca-Cola Beverages Vietnam

    Disrupting the Automotive Industry through Digitalization

    Esteban Remecz, CIO, Asia Pacific, ZF Group

    Simplifying Deployment and Management of Branch Office Networks

    Ari Bose, CIO, Brocade

    Internet-of-Things: The Rise of Connected Businesses and Connected Lives

    Harnath Babu, CIO, KPMG India

    How IOT is Driving Competitive Advantage to Asian Supply Chains?

    Steve Walker, CIO, DHL Supply Chain Asia Pacific

    Embracing Advanced Tech-enabled Solutions that Foster Innovation and Growth

    Steven Weinreb, CIO & EVP, Technology & Operations, Asia, MetLife

    Internet of Things: Unraveling A New Wave Of Opportunities For Home Appliances

    Jai Thampi, Head - IoT and Digital Transformation, APAC & MEA, Electrolux

    right

    Why the Internet of Things is so Difficult to Secure

    By Ian Yip, CTO, Asia Pacific, McAfee

    Tweet
    content-image

    Ian Yip, CTO, Asia Pacific, McAfee

    As the world moves towards ubiquitous hyper-connectivity through the advent of all the “things” in our lives becoming connected to everything else, those tasked with maintaining cyber safety get increasingly worried. The exponential growth of the Internet of Things (IoT) exacerbates an already complex problem: defending the world against cyber-threats.

    There are many cases where IoT does improve the quality of life. For example, IoT sensors can help commuters determine which carriages of a train will yield the highest chance of a seat, and hence direct them to the appropriate section of the platform. This is a very practical, useful application that significantly improves a commuter’s journey and experience. It is examples such as this that advocates use as evidence to argue that the benefits of IoT far outweigh the risks.

    The term “smart” is a word commonly used to suggest a product has digitally-enhanced capabilities and as such, is a next-generation technology that will improve lives, and help businesses function more effectively. Then there are smart meters, smart thermostats, and all things “smart home” that allow us to evolve our dwellings to something only previously witnessed in science fiction movies. The IoT value proposition is a compelling one. “Smart everything” is the future of how we live and how we will run our businesses.

    Today, many security practitioners subscribe to the mantra that “smart means insecure”. Some may say this is an exaggeration, but it is applicable in a frighteningly high number of cases. One just needs to look at the Mirai incidents of late 2016 that used compromised IoT devices against victims which included Twitter, Netflix, and Reddit. While Mirai has been the highest profile example to date of a targeted IoT attack, there have been others since, and the number will continue to rise. Cyber-attackers typically break in via the weakest points on a network; increasingly, this will be through the IoT-enabled parts of an environment.

    People and companies do not “buy IoT”. They focus on improving the way their businesses run or that make lives better

    A recent Forbes survey found that 39 percent of corporate executives surveyed say IoT programs at their companies have been delayed due to security concerns. While this statistic is significant, that figure should arguably be higher due to the unknowns in most IoT architectures. The IoT security problem is primarily a cultural one. Take a smart television as an example. For the average person, if it continues to function as required, should they care that it happens to be part of a botnet? Unfortunately, that answer is “no”. The average person only cares that the smart device continues to function in line with expectations; the fact that it may be insecure is secondary if the device was not primarily intended for use as a security control point. This is true in both consumer and corporate worlds.

    There is little regulation mandating that a minimal level of security be built into IoT devices. However, this is starting to change. In August 2017, The United States Senate introduced the IoT Cybersecurity Improvement Act of 2017, which requires that vendors providing internet-connected equipment to the U.S. government ensure their products meet a baseline set of security standards. While this is a good start, it is not the norm. More needs to be done by regulators globally, working in conjunction with those attempting to secure our digital lives, to help ensure IoT devices meet security standards.

    For businesses, additional IoT security challenges include: • Devices are usually low powered. Limited computing capabilities mean difficulty implementing security controls (e.g. encryption).

    • Keeping devices up to date is not something that is currently well managed, leading to security vulnerabilities potentially remaining un-patched indefinitely.

    • The sheer number of emerging connection protocols makes devices difficult to manage and secure.

    • Devices are increasingly unlikely to be in physically secure sites, significantly increasing the opportunities for attackers to compromise their integrity.

    • IoT deployments are largely uncontrolled environments where the number of devices grows exponentially, making it extremely challenging for security teams to govern and manage.

    People and companies do not “buy IoT”. They focus on improving the way their businesses run or that make lives better. The fact that something is IoT-related technology is secondary to the buyer and user experience. Therefore, IoT will eventually become the norm. The term will lose its lustre and we will simply be attempting to maintain cyber safety for organizations and the general population. Security practitioners would serve the world best by getting ahead of this reality and approaching the problem not as “protecting IoT”, but in building next-generation cyber defenses. Instead of security, cyber defenses must focus on cyber resilience using a risk-based approach. This is how we best set ourselves up to succeed in the ongoing war against cyber-attackers.

    Read Also

    Internet of Things: Unraveling A New Wave Of Opportunities For Home Appliances

    Internet of Things: Unraveling A New Wave Of Opportunities For Home Appliances
    Stepping Up Security for an IoT World

    Stepping Up Security for an IoT World
    Future-Proofing the Fourth Industrial Revolution With IoT Security

    Future-Proofing the Fourth Industrial Revolution With IoT Security
    3 Steps that Smart Cities will Help to Combat Natural Disasters

    3 Steps that Smart Cities will Help to Combat Natural Disasters
    Top 10 IoT Solution Providers - 2019
    Top 10 IoT Consulting/Services Companies - 2019

    Featured Vendors

    ZiMetrics

    Vikas Verma, CEO

    Indicium Dynamics

    Mike Ross, Founder & CEO

    IoT Special

    Copyright © 2019 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://internet-of-things.apacciooutlook.com/cxoinsights/why-the-internet-of-things-is-so-difficult-to-secure-nwid-4927.html