APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • IoT
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Internet of Things
    Editor's Pick (1 - 4 of 8)
    left
    Digital transformation - Gaining Momentum in Operational Technology (OT)

    Martin Schlatter, CIO and Regional CEO, APAC, NTT Security

    Connecting dots the IOT way!

    Sunil Singh, Regional Chief Information Officer, Coca-Cola Beverages Vietnam

    Disrupting the Automotive Industry through Digitalization

    Esteban Remecz, CIO, Asia Pacific, ZF Group

    Simplifying Deployment and Management of Branch Office Networks

    Ari Bose, CIO, Brocade

    Internet-of-Things: The Rise of Connected Businesses and Connected Lives

    Harnath Babu, CIO, KPMG India

    How IOT is Driving Competitive  Advantage to Asian Supply Chains?

    Steve Walker, CIO, DHL Supply Chain Asia Pacific

    Embracing Advanced Tech-enabled Solutions that Foster Innovation and Growth

    Steven Weinreb, CIO & EVP, Technology & Operations, Asia, MetLife

    Leading the Future of Tech with Purpose and Vision

    Daniel Suraboyini, Global Chief Information Officer, SIPEF

    right

    Why the Internet of Things is so Difficult to Secure

    Ian Yip, CTO, Asia Pacific, McAfee

    Tweet
    content-image

    Ian Yip, CTO, Asia Pacific, McAfee

    As the world moves towards ubiquitous hyper-connectivity through the advent of all the “things” in our lives becoming connected to everything else, those tasked with maintaining cyber safety get increasingly worried. The exponential growth of the Internet of Things (IoT) exacerbates an already complex problem: defending the world against cyber-threats.

    There are many cases where IoT does improve the quality of life. For example, IoT sensors can help commuters determine which carriages of a train will yield the highest chance of a seat, and hence direct them to the appropriate section of the platform. This is a very practical, useful application that significantly improves a commuter’s journey and experience. It is examples such as this that advocates use as evidence to argue that the benefits of IoT far outweigh the risks.

    The term “smart” is a word commonly used to suggest a product has digitally-enhanced capabilities and as such, is a next-generation technology that will improve lives, and help businesses function more effectively. Then there are smart meters, smart thermostats, and all things “smart home” that allow us to evolve our dwellings to something only previously witnessed in science fiction movies. The IoT value proposition is a compelling one. “Smart everything” is the future of how we live and how we will run our businesses.

    Today, many security practitioners subscribe to the mantra that “smart means insecure”. Some may say this is an exaggeration, but it is applicable in a frighteningly high number of cases. One just needs to look at the Mirai incidents of late 2016 that used compromised IoT devices against victims which included Twitter, Netflix, and Reddit. While Mirai has been the highest profile example to date of a targeted IoT attack, there have been others since, and the number will continue to rise. Cyber-attackers typically break in via the weakest points on a network; increasingly, this will be through the IoT-enabled parts of an environment.

    People and companies do not “buy IoT”. They focus on improving the way their businesses run or that make lives better

    A recent Forbes survey found that 39 percent of corporate executives surveyed say IoT programs at their companies have been delayed due to security concerns. While this statistic is significant, that figure should arguably be higher due to the unknowns in most IoT architectures. The IoT security problem is primarily a cultural one. Take a smart television as an example. For the average person, if it continues to function as required, should they care that it happens to be part of a botnet? Unfortunately, that answer is “no”. The average person only cares that the smart device continues to function in line with expectations; the fact that it may be insecure is secondary if the device was not primarily intended for use as a security control point. This is true in both consumer and corporate worlds.

    There is little regulation mandating that a minimal level of security be built into IoT devices. However, this is starting to change. In August 2017, The United States Senate introduced the IoT Cybersecurity Improvement Act of 2017, which requires that vendors providing internet-connected equipment to the U.S. government ensure their products meet a baseline set of security standards. While this is a good start, it is not the norm. More needs to be done by regulators globally, working in conjunction with those attempting to secure our digital lives, to help ensure IoT devices meet security standards.

    For businesses, additional IoT security challenges include: • Devices are usually low powered. Limited computing capabilities mean difficulty implementing security controls (e.g. encryption).

    • Keeping devices up to date is not something that is currently well managed, leading to security vulnerabilities potentially remaining un-patched indefinitely.

    • The sheer number of emerging connection protocols makes devices difficult to manage and secure.

    • Devices are increasingly unlikely to be in physically secure sites, significantly increasing the opportunities for attackers to compromise their integrity.

    • IoT deployments are largely uncontrolled environments where the number of devices grows exponentially, making it extremely challenging for security teams to govern and manage.

    People and companies do not “buy IoT”. They focus on improving the way their businesses run or that make lives better. The fact that something is IoT-related technology is secondary to the buyer and user experience. Therefore, IoT will eventually become the norm. The term will lose its lustre and we will simply be attempting to maintain cyber safety for organizations and the general population. Security practitioners would serve the world best by getting ahead of this reality and approaching the problem not as “protecting IoT”, but in building next-generation cyber defenses. Instead of security, cyber defenses must focus on cyber resilience using a risk-based approach. This is how we best set ourselves up to succeed in the ongoing war against cyber-attackers.
    tag

    IoT

    Weekly Brief

    loading
    Top 10 IoT Solutions Providers in APAC - 2024
    ON THE DECK

    IoT 2024

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://internet-of-things.apacciooutlook.com/views/why-the-internet-of-things-is-so-difficult-to-secure-nwid-4927.html