Recently, we published a post about the industrial Internet of Things, or “IoT” outlining the number of connected devices already used everyday that we don’t even think about. As with all connected devices, security should be considered alongside these technology innovations – especially if innovations are mission critical or produce or consume data.
This week, saw a “hack” revealed in relation to a car whereby control of the heating and air-conditioning system could be hijacked. Additionally, it was revealed that the data regarding the driver's recent journeys could be spied on. Whilst it can be argued there is minimal risk to safety, this is further evidence that there is a potential decoupling between the advancement of technical innovations and the security to maintain the integrity of such innovations.
This is not the first occurrence of potential breaches of innovative technologies, and probably won’t be the last. Some instances maybe viewed as “low risk” by some - but what does that really mean and how would we know? Without understanding the consequences of the vulnerability, it is difficult to quantify the real risk it poses. Some estimate that by 2020 around 10% of the 44 Zettabytes of data will be generated by innovations related to IoT – that’s a huge amount of data. Some of it may be relatively benign, though a huge amount of it is likely to be highly sensitive. And where sensitive data has a value, it becomes a target for hackers.
Our recent Risk:Value report touched upon the issue of customer trust – nearly three quarters expect a breach to impact customer confidence and nearly two thirds expect reputational damage. Both of those aspects are hard to quantify, though most would agree it would be both costly and time consuming to build up trust and confidence once it has been lost. With that in mind, it is essential for businesses to consider their risks beyond the traditional perimeter – attacks are no longer limited to the traditional view of an IT network. With the growth of IoT, the attack vectors increase (as there are far more connected endpoints) and much more data to target. This is supported by NTT’s Global Threat Intelligence report, where it was found that 7 out of 10 vulnerabilities now resides on the end-user systems.
Innovation can bring huge advances in technology, cost and time efficiencies, and can change the way we do things for the better. However, technological innovation must be fit for purpose and take into account the environment in which it will be used. As a result, security must play a central role here. Furthermore, with a backdrop of increased consumer choice, trust and integrity are hugely important to drive competitive edge – and cybersecurity certainly adds value here too.
As we move to a far more connected world where cybersecurity is increasingly important to maintain the integrity of both data and user experience, future innovations (such as those that drive IoT) that seamlessly integrate security, whilst pushing the boundaries of technology, will likely resonate well with customers.