Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Partner Conferences
  • Newsletter
  • Subscribe
  • News
  • About us
Apac

  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Cloud

    Cyber Security

    DevOps

    Digital Technology

    Enterprise Security

    HPC

    Internet of Things

    IT Services

    Mobility

    Networking

    Open Source

    POS

    QA and Testing

    Robotics

    SaaS Solutions

    Security

    Simulation

    Smart City

    Startup

    Storage

    Unified Communication

    Virtualization

    Web Development

  • Automotive

    Aviation and Aerospace

    Banking

    Compliance

    Construction

    Contact Center

    E-Commerce

    Education

    Energy

    Engineering

    Field Service

    FinTech

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Telecom

    Travel and Hospitality

    Utilities

  • Amazon

    CISCO

    Dynamics 365

    Google

    HP

    IBM

    Intel

    Microsoft

    Microsoft Azure

    Oracle

    Red Hat

    Salesforce

    SAP

    Share Point

    VMware

  • Business Intelligence

    Business Process Management

    CEM

    Cognitive

    Collaboration

    Corporate Finance

    CRM

    Data Center

    Disaster Recovery

    Document Management Systems

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Performance Management

    ERP

    Fleet Management

    Gamification

    Geographical Information System

    HR Technology

    IT Service Management

    Managed Services

    Payments

    PLM

    Procurement

    Project Management

    Risk Management

    Sales and Marketing

    Workflow

Menu
    • Agile
    • Banking
    • Cloud
    • Corporate Finance
    • Healthcare
    • HR Technology
    • Logistics
    • Media and Entertainment
    • SAP
    • Wireless
    More
    Media and Entertainment SAP Wireless
    ×

    Subscribe to our Newsletter

    news
    news

    Join our mailing list for the latest articles, news, and exclusive insights from prominent technology leaders

    loading
    SUBSCRIBE

    Thank You for subscribing with us. We sent you an email regarding this.

    news

    • Home
    • Internet of Things
    Editor's Pick (1 - 4 of 8)
    left
    Connecting dots the IOT way!

    Sunil Singh, Regional Chief Information Officer, Coca-Cola Beverages Vietnam

    Disrupting the Automotive Industry through Digitalization

    Esteban Remecz, CIO, Asia Pacific, ZF Group

    Simplifying Deployment and Management of Branch Office Networks

    Ari Bose, CIO, Brocade

    Internet-of-Things: The Rise of Connected Businesses and Connected Lives

    Harnath Babu, CIO, KPMG India

    How IOT is Driving Competitive Advantage to Asian Supply Chains?

    Steve Walker, CIO, DHL Supply Chain Asia Pacific

    Embracing Advanced Tech-enabled Solutions that Foster Innovation and Growth

    Steven Weinreb, CIO & EVP, Technology & Operations, Asia, MetLife

    Paving the Way for IoT in Your Organization

    Lou Lutostanski, VP, Internet of Things, Avnet

    Strategizing Business Policy for the Digital World

    Clive Dickens, Chief Digital Officer, Seven West Media

    right

    Why the Internet of Things is so Difficult to Secure

    By Ian Yip, CTO, Asia Pacific, McAfee

    Tweet
    content-image

    Ian Yip, CTO, Asia Pacific, McAfee

    As the world moves towards ubiquitous hyper-connectivity through the advent of all the “things” in our lives becoming connected to everything else, those tasked with maintaining cyber safety get increasingly worried. The exponential growth of the Internet of Things (IoT) exacerbates an already complex problem: defending the world against cyber-threats.

    There are many cases where IoT does improve the quality of life. For example, IoT sensors can help commuters determine which carriages of a train will yield the highest chance of a seat, and hence direct them to the appropriate section of the platform. This is a very practical, useful application that significantly improves a commuter’s journey and experience. It is examples such as this that advocates use as evidence to argue that the benefits of IoT far outweigh the risks.

    The term “smart” is a word commonly used to suggest a product has digitally-enhanced capabilities and as such, is a next-generation technology that will improve lives, and help businesses function more effectively. Then there are smart meters, smart thermostats, and all things “smart home” that allow us to evolve our dwellings to something only previously witnessed in science fiction movies. The IoT value proposition is a compelling one. “Smart everything” is the future of how we live and how we will run our businesses.

    Today, many security practitioners subscribe to the mantra that “smart means insecure”. Some may say this is an exaggeration, but it is applicable in a frighteningly high number of cases. One just needs to look at the Mirai incidents of late 2016 that used compromised IoT devices against victims which included Twitter, Netflix, and Reddit. While Mirai has been the highest profile example to date of a targeted IoT attack, there have been others since, and the number will continue to rise. Cyber-attackers typically break in via the weakest points on a network; increasingly, this will be through the IoT-enabled parts of an environment.

    People and companies do not “buy IoT”. They focus on improving the way their businesses run or that make lives better

    A recent Forbes survey found that 39 percent of corporate executives surveyed say IoT programs at their companies have been delayed due to security concerns. While this statistic is significant, that figure should arguably be higher due to the unknowns in most IoT architectures. The IoT security problem is primarily a cultural one. Take a smart television as an example. For the average person, if it continues to function as required, should they care that it happens to be part of a botnet? Unfortunately, that answer is “no”. The average person only cares that the smart device continues to function in line with expectations; the fact that it may be insecure is secondary if the device was not primarily intended for use as a security control point. This is true in both consumer and corporate worlds.

    There is little regulation mandating that a minimal level of security be built into IoT devices. However, this is starting to change. In August 2017, The United States Senate introduced the IoT Cybersecurity Improvement Act of 2017, which requires that vendors providing internet-connected equipment to the U.S. government ensure their products meet a baseline set of security standards. While this is a good start, it is not the norm. More needs to be done by regulators globally, working in conjunction with those attempting to secure our digital lives, to help ensure IoT devices meet security standards.

    For businesses, additional IoT security challenges include: • Devices are usually low powered. Limited computing capabilities mean difficulty implementing security controls (e.g. encryption).

    • Keeping devices up to date is not something that is currently well managed, leading to security vulnerabilities potentially remaining un-patched indefinitely.

    • The sheer number of emerging connection protocols makes devices difficult to manage and secure.

    • Devices are increasingly unlikely to be in physically secure sites, significantly increasing the opportunities for attackers to compromise their integrity.

    • IoT deployments are largely uncontrolled environments where the number of devices grows exponentially, making it extremely challenging for security teams to govern and manage.

    People and companies do not “buy IoT”. They focus on improving the way their businesses run or that make lives better. The fact that something is IoT-related technology is secondary to the buyer and user experience. Therefore, IoT will eventually become the norm. The term will lose its lustre and we will simply be attempting to maintain cyber safety for organizations and the general population. Security practitioners would serve the world best by getting ahead of this reality and approaching the problem not as “protecting IoT”, but in building next-generation cyber defenses. Instead of security, cyber defenses must focus on cyber resilience using a risk-based approach. This is how we best set ourselves up to succeed in the ongoing war against cyber-attackers.

    Read Also

    Paving the Way for IoT in Your Organization

    Paving the Way for IoT in Your Organization
    Strategizing Business Policy for the Digital World

    Strategizing Business Policy for the Digital World
    Four fundamentals of Innovating for the Internet of Things

    Four fundamentals of Innovating for the Internet of Things

    Moving From Traditional Insurance Models to New Age Models

    Moving From Traditional Insurance Models to New Age Models
    Top 25 IoT Solution Providers - 2018

    Top 25 IoT Solution Providers - 2018

     Top 25 IoT Solution Providers - 2017

    Top 25 IoT Solution Providers - 2017

     25 Most Promising IoT Solution Providers

    25 Most Promising IoT Solution Providers

    Featured Vendors

    ZiMetrics

    Vikas Verma, CEO

    Indicium Dynamics

    Mike Ross, Founder & CEO

    IoT Special

    Copyright © 2019 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://internet-of-things.apacciooutlook.com/cxoinsights/why-the-internet-of-things-is-so-difficult-to-secure-nwid-4927.html