The Internet of Things (IoT) has become a catch-all phrase that encompasses all the communication that occurs among physical objects such as interconnected computer networks, sensors, and devices. It is clearly intertwined with the concept of Big Data, which is not surprising as increased interconnectivity will lead to a rise in the amount of information that can be generated by these ecosystems.
The Internet of Things (IoT) has become a catch-all phrase that encompasses all the communication that occurs among physical objects such as interconnected computer networks, sensors, and devices. It is clearly intertwined with Big Data, which is not surprising as increased interconnectivity will lead to a rise in the amount of information that can be generated by these ecosystems.
This became a hot topic of discussion at a recent industry event as the past years have seen a proliferation of new devices coming online and producing data. A report by Gartner even stated that 5.5 million new devices will be connected every day in 2016. Although it might be trending right now, IoT is not a new concept. It has become common practice for security practitioners to incorporate different technologies and components into one system.
IoT Value Proposition
What makes today's concept of IoT different from before is how the gathered data is now being handled. It is now widely aggregated and mined in data warehouses. The data is automatically transformed into something that consumers can understand, access, and use to add value to their lives through the use of web browsers, smartphones, or smart devices.
The panelists in the discussion also emphasized the value of collecting data for future analysis. The promise of Big Data lies in its potential for associations over time as technology continues to mature and become capable of manipulating it to produce information that is meaningful and useful for the users.
Big Data in Security
In the security industry, Big Data has traditionally been used for two purposes: to prevent bad things from happening and, in instances that something bad happened, to perform forensic investigation. However, people are now looking toward harnessing the data to enable them to use the system proactively by potentially predicting what threats would be present and eliminating them beforehand. Furthermore, the data can also be leveraged in businesses to improve operational efficiency and this can already be seen in the retail space.
Implications for Security
Demands from users for better broadband experiences is expected to grow even further in the near future and this would in turn drive up the need for security. This is because the rising demand for immediacy and connectivity can end up creating the so-called "internet of insecure things" or "internet of risk."
The more devices gets connected to a system, the more breach points the system will potentially have. Cybercriminals will try to find the weakest parts of the systems, which could be the video or the security system, and use it as a backdoor to access the company's network. The growing popularity of the "bring your own device" (BYOD) trend in the workplace is a challenge many companies face, necessitating the implementation of regulating policies that will protect both the employees and the company.
Additionally, many consumers rely on safety standards such as UL, Triple DES, and ONVIF to keep their systems safe but this can backfire. The creation of these standards takes time and collaboration so it is possible that it is a year or two behind where the market is at the moment. On the other hand, hackers are continuously formulating new attacks and finding ways to get around existing standards.
Role of the Security Industry in IoT
IoT is constantly developing and security practitioners would be wise to get involved early so as not to be left behind. It would be important for them to continue to communicate and be aware of what is happening with their vendor partners and end customers in order to determine and execute the right strategies. It is equally important to collaborate with outside consultants to better identify weak links and come up with possible solutions to increase the overall security of the system.
This would also involve developing good security development practices for vendors that is supported by strict and continuous testing programs. Another important point would be to make it easier for the end users to apply, because at the end of the day, it doesn't matter how secure the system can potentially be if the end users don't go through the process of securing it.