Page 9 - index
P. 9
Billions of nodes. Trillions of patches. Good luck with that IoT
thing.
By Chris Rouland, founder & CEO, Bastille
The Internet of Things (IoT) has taken the world by storm. For the past year, seemingly every
day has been defined by the emergence of a new IoT development platform; and as a result,
everything from cars and pacemakers to soccer balls and watches can now connect to the
Internet.
For me, the current landscape is eerily reminiscent of the Internet circa 1992, as the mish mash
of converging operating systems, wireless protocols and embedded processors that define the
IoT are bound by no laws and beholden to no governance. And much like the early days of the
Internet, the IoT is not very safe.
I’m often asked what exactly defines the IoT, as its rapid assent into the mainstream has elicited
some confusion and even doubt as to its relevance and impact on the enterprise. By its most
simplistic definition, the IoT includes any networked device or sensor that is not a computer,
router, switch, etc. In fact, an IoT device is just a physical object that is digitally connected and
able to communicate data, geography and other types of sophisticated information with ease.
There are some who openly question the merits of IoT and why there is a need to have
universal connectivity across all devices. While there may be merits to having that debate, it
doesn’t mitigate the reality that the IoT is in an accelerated state of proliferation and is extremely
vulnerable to the unintended consequences of rapid growth, such as those that adversely
impact security and privacy.
The cybersecurity market is an estimated $71 billion industry, which is expected to reach over
$155 billion by 2019, as new technologies continuously emerge to keep up with the evolving
threat landscape.
However, the ingenious of network security has not yet matured to encompass the scope of IoT,
in which each device seemingly runs on a tiny embedded computer with network access. For
the enterprise specifically, which has already been the recipient of costly cybersecurity attacks,
the IoT should represent a driver of fundamental change to existing governance; in particularly
with how situational awareness is determined and how risk management is achieved.
In a world saturated by IoT (a predicted future of 5-10 connected devices per person), an
organization’s risk assessment obligations will expand exponentially. The enterprise will face
new threats from devices coming in and out of corporate environments every day, far
surpassing the traditional threats generated by computers and cell phones connecting to the
private network.
Adding to the threat landscape are the permanent IoT devices being adopted and deployed in
organizations to reduce cost and improve workflow efficiencies. As such, organizations need to
9 Cyber Warnings E-Magazine – March 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
