Click here to learn more about Ari Amster.
In many respects, the Internet of Things (IoT) has already arrived. While many experts are predicting extreme growth over the next decade, for all intents and purposes, the IoT isn’t some far-flung concept of the future; we’re living in it right now. Think of all the devices and objects we have now that connect to the internet, giving us incredible new capabilities that we only dreamed of before. Household appliances are now connected to the web. Many people were wireless exercise bands. Cars now utilize the Internet as much as computers do. That doesn’t even begin to get into everything you can do with a smartphone. As the years go on, ever more items will become Internet-enabled, but the basic IoT idea has already become a reality. That also means we have to address some of the more unpleasant aspects of the Internet of Things, mainly that of data security. The more connected we become, the more intrusion we’re likely to see. And as far as the IoT is concerned, it may already be too late to provide a secure environment.
This may be seen as a pessimistic view by some, but one thing most people can agree on is that the IoT has some major security problems to address. All the more pressing is the fact that we’re looking at the number of IoT devices to reach up to 50 billion by the end of the decade. All of these devices use data — massive amounts of data that can detail some very private information. That means tremendously personal data is at risk of theft or leaking. Those industries that manufacture IoT devices may want to ensure that information is kept private, but for now, it appears they view security and big data problems as a secondary issue.
The Internet of Things carries with it a lot of incredible potential, so it’s obvious to see why so many businesses want to jump in feet first. This often leads to security becoming an afterthought. To the ambitious IoT creators, optimal design comes first and security can be worried about at a later date. It’s all in the sake of providing a profit-maximizing product that works efficiently. Unfortunately, security features have been left behind. In the Global State of Information Survey 2015 from PricewaterhouseCoopers, it was found that a stunning 70 percent of IoT devices don’t even have many of the fundamental security safeguards that should be used to deter cyber attackers. Many companies have the attitude of creating and releasing the product first and foremost, then worrying about adding in security features later through patches and updates. Needless to say, that has left many devices vulnerable.
One such basic security feature is data encryption. Since IoT devices traffic in tons of data, encryption seems like a pretty obvious feature to include, and yet it is rarely used, especially end-to-end encryption, which would be most effective. But here’s where the security prospects of the IoT look particularly bleak. With advances in quantum computing, encryption might not be enough to protect vital data. Quantum computers can figure out crypto keys quickly, and while most cyber attackers don’t have access to that level of computing yet, they most likely will some time in the future. Quantum-proof security will be needed, and while experts believe it could be achieved, the fact remains that it is still a gaping hole in IoT security.
Numerous other challenges affect improved Internet of Things security. IoT devices are especially at risk since they have multiple points of vulnerability, from the devices themselves to their software, data aggregation platforms, and more. Imagine combining all the security weak points of smartphones, wireless networks, laptops, and data centers, all rolled into one. Then IT professionals have to worry about the wide variety of IoT devices out there, with some of them being particularly cheap and expendable yet still carrying valuable data. It’s a monumental challenge, one that affects every aspect of IoT security.
Perhaps it is a bit too early to say we’re too late to properly secure the Internet of Things, but the challenges are only going to grow from here. The IoT will increase in diversity and complexity, in turn increasing the current vulnerabilities. Technology is now progressing at such a pace that security experts are barely keeping up as it is. The future will only place more pressure on the security industry. Unless major breakthroughs are made and businesses adopt a “security first” mentality, the Internet of Things may always be a risky endeavor.