Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

CIOs visualize an imminent IoT security storm

Chee-Sing Chan | May 30, 2014
If media reports and technology vendors are to be believed, then the world of artificial intelligence, smart cities, and a life of automated-everything is just around the corner. The surge of hype around the Internet of Things (IoT) has stolen the thunder of big data and cloud, the last two technology trends dominating headlines.

If media reports and technology vendors are to be believed, then the world of artificial intelligence, smart cities, and a life of automated-everything is just around the corner. The surge of hype around the Internet of Things (IoT) has stolen the thunder of big data and cloud, the last two technology trends dominating headlines.

According to Gartner, there are 0.9 billion connected devices today, all communicating at some level of machine-to-machine connectivity. By 2020, Gartner predicts this will swell to 26 billion devices, including sensors in cars, homes, and the streets we walk and drive on.

The benefits are immense, but the flip side — according to Gareth Bridges, business manager, Security and Information Management, Symantec — are the unknown security threats brought by this massive sprawl of connected devices and sensors.

Bridges suggested that devices as diverse as TVs, vehicles, ATMs, health systems, and industrial control systems, could be open to attack in the near future as they become connected to the Internet and to each other.

Growing attack surface

These connected devices may pose a risk even without Net connectivity as the threats are not exclusive to Web-enabled devices. Recently, ex-politician Dick Cheney had the wireless capability on his pacemaker disabled as there were concerns that it could be hacked in an assassination attempt.

"We're seeing lots of things like this: attack vectors that didn't exist before, and now require serious thought," said Bridges. "As these things become more connected, you end up with a much greater attack surface."

One area where connected devices are on the rise is in healthcare. IoT promises a transformation of the healthcare delivery landscape as remote health-monitoring and automation of processes is accelerated by more connected devices.

Dale Johnstone, senior system manager (IT Security & Risk Management), Hospital Authority, said that Cheney's pacemaker incident drew attention, and supplemented a further challenge that health providers face, which is to maintain the integrity of devices and equipment within internal networks.

Tightening governance

Johnstone stressed that all medical equipment within the Hospital Authority is strictly managed and protected from external networks — everything is managed within the internal environment. Given the high risk nature of medical equipment, everything is tightly governed, and installing additional security on medical devices is very carefully considered as many devices are highly regulated and need to be balanced from a compliance perspective.

"From a security perspective and as a hospital authority, we're aware of the issues that IoT may bring," said Johnstone. "Currently, all devices we use are controlled within our own networks so exposure to the Web is limited."

Another industry that IoT is already affecting is transportation. At the Hong Kong Airport Authority, IoT is viewed as an opportunity to enable smart airport initiatives. Andy Bien, CIO at the Airport Authority, said that connected devices, objects and sensors will be used to inform management of real-time situations and performance in the airport.

 

1  2  3  4  Next Page 

Sign up for Computerworld eNewsletters.