6 ways of protecting your IoT operations

IoT risks must be balanced against the benefits

Industrial Internet of Things

Businesses are increasingly adopting connected technologies such as wearables and office sensors to streamline operations and boost productivity, and as a result, the Internet of Things (IoT) industry is on the up.

By 2020, there'll be more than 50 billion internet-connected objects in use, and the industry will be turning over trillions in profit annually, according to Cisco. At the same time, these devices will be generating large amounts of data. Clearly, the industry is entering a golden age.

But while there's major potential here, there are fears that cybercriminals are eyeing up IoT as a lucrative opportunity. As a result, Gartner says security spending will reach $348 million (around £260 million, AU$455 million) by the end of 2016, an increase of 23.7% on the previous year.

However, not every firm has the resources to invest in expensive security products and services. SMEs simply don't have the money, although that's not to say they have to suffer. We asked some of the industry's leading professionals for the best IoT security solutions and advice, and here's what they advised.

IBM Watson

1. Investigate new innovation like AI

Artificial intelligence is an exciting area of tech itself, and many experts believe that its problem-solving capabilities can help businesses. Carl Herberger, vice president of security solutions at Radware, is one of those people. He encourages firms to look into the potential of AI.

"With any major development – IoT, M2M, AI – there are always going to be inherent security risks. If you think about the wider security landscape, attacks have become automated. We see more bots carry out attacks today than ever before," Herberger says.

He continues: "We really are in a state of machine cyber-warfare. But AI is also a route to manage the risks because of the speed at which it can learn to identify risk and respond. Humans are needed to oversee the infrastructure that uses AI for security and will be needed for the foreseeable future to work through problem escalations and unintended consequences, as well as inform the security strategy such as identifying the best technology to employ.

"However, we can see a time when even some of these controls are replaced by more automated processes."

2. Focus on improved device management

Ian Hughes, analyst of Internet of Things at 451 Research, says that multiple and varied endpoints are creating unlimited access for cybercriminals. Because of this, businesses need to stay protected by managing their devices effectively. He spoke to us about some of the latest security innovations on this front.

"A large number of varied endpoints provide an increased attack surface so rigorous device management is needed," Hughes says. "Emerging technologies such as blockchain are being implemented to assure the provenance of components. Communication protocols are emerging that provide no patterns for data inference. Machine learning is being put in place to find network anomalies along with traditional firewalls.

"Any products becoming IoT enabled require skilled security professionals to be part of the initial design – when they are not we get hackable system weak points such as we have seen with baby monitors and in automotive. Cloud providers have tight security but if the devices and interfaces bolted on in IoT rollouts are weak, then the whole system is compromised. Operational staff need additional training; social engineering is still a key tool for hackers."