Overcoming Security Hurdles for IOT Projects

By Phil Beecher, CEO and President, Wi-SUN Alliance

Five years ago, Wi-SUN Alliance published its first Internet of Things (IoT) ‘state of the nation’ report.

At the time, we were not surprised to see security as one of the main concerns among survey respondents (IT decision makers who are IoT adopters in UK and US organizations), with the majority ranking security as one of their top three challenges when rolling out IoT. But attitudes – and barriers to adoption – are changing.

This year we revisited the study to see how attitudes and adoption patterns have changed within organizations across a range of different industries, from energy & utilities and telecommunications to construction and government.

The message is loud and clear, IoT is now a bigger IT priority than ever across all sectors. More than 90% agree they must invest in IoT technologies over the next 12-18 months, to help gain competitive advantage, reduce operational costs, and create business efficiencies.

Looking at the two studies over a five-year period, it’s clear that there are more companies not just thinking about the technology, but also planning to roll out IoT initiatives. These include more established uses cases for security and surveillance, distribution automation and advanced meter infrastructure. But it’s encouraging to see growing enthusiasm for other IoT applications designed for smart cities, including traffic management, smart parking, and electric vehicle charging.

So, with the market maturing and a growing range of IoT solutions and devices available, organizations are becoming more ambitious and open to the idea of planning and deploying services and applications. Such projects, however, can remain challenging.

Fewer security worries, but data privacy concerns grow

Security remains a challenge for some organizations, but it’s becoming less of a concern five years’ on. Respondents ranking security as one of their ‘top three challenges when rolling out IoT’ fell from 58% in 2017 to 24% in 2022.

The number of respondents viewing it as a technical challenge also fell, from 65% in 2017 to 42% in 2022, indicating fewer concerns, but still highlighting it as an issue. Organizations might be less worried about security, but it is still on their risk list.

While security is seen as less challenging than it used to be, there are growing fears over data privacy.

IoT projects like smart metering, streetlighting and smart city applications using hundreds and possibly thousands of devices and sensors, have the potential to generate huge amounts of data. Even if this information is secure, handling it responsibly represents a privacy risk. Managing large volumes of data is technically difficult, especially when regulators interpret it as sensitive personal information. Organizations who mishandle or misuse it risk running into compliance issues.

Data privacy regulation was ranked the second-highest political, economic, or social challenge for IoT adopters, with 36% placing it in their top three just behind the need to reprioritize spending due to Covid and ahead of budget cuts resulting from the pandemic.

Fears over big data have jumped to 19% from 11% placing it in their top three IoT rollout challenges in the last five years, and one in four respondents citing regulatory concerns.

This is no surprise given the focus on data protection in recent years. Since our first study, stricter privacy laws have put pressure on organizations to protect sensitive data, including the introduction of the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and other privacy regulations.

There’s evidence of a growing number of attacks targeted at IoT devices, applications, and services in recent years, leading to the launch of denial of service (DDoS) attacks. Mirai is perhaps the most well-known IoT attack. Dating back to October 2016, it took advantage of insecure IoT devices, such as CCTV and routers, to launch a massive DDoS attack. Astonishingly, it’s still used today by malware developers to attack vulnerable systems, from manufacturing to critical infrastructure.

The journey to IoT is maturing, with organizations becoming more ambitious in their thinking and their approach. It is now a bigger priority than ever across all the sectors, and the scale of what is being planned over the next few years is encouraging.

What is clear is that this journey isn’t over and there is still some way to go to true IoT maturity. Obstacles remain and organizations must work to overcome them.

To see the full Wi-SUN Alliance report.

About the Author

Phil Beecher AuthorPhil Beecher is President and CEO of Wi-SUN Alliance. Since 1997, Phil has played a key role in the development of communications standards including Bluetooth, WiFi, and IEEE and the specification of test plans for a number of Smart Utilities Network standards, including Advanced Metering Infrastructure (AMI) and Home Energy Management Systems.

Wi-SUN Alliance can be reached on Twitter at: @WiSunAlliance and on LinkedIn at: https://www.linkedin.com/company/wi-sun

October 7, 2022

cyber defense awardsWe are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.
Cyber Defense Awards

12th Anniversary Global InfoSec Awards for 2024 are now Open! Take advantage of co-marketing packages and enter today!