WASHINGTON – As the “Internet of Things” becomes a staple of the conversation across all aspects of the economy, there’s a growing concern around how to secure all these new connections.
At the recent Federal Building Council event, many participants analogized that creating an IoT network is like building a house with a million doors and windows, and all a criminal needs to do is find one door or window someone left open.
This is concerning for consumers who have a home automation IoT system. For organizations like the Department of Defense, which has 2.2 billion IoT-enabled systems in the Pentagon, it can be extremely troublesome.
IoT systems are complex and increasingly vital in things that are classified as critical infrastructure, like nuclear power plants. General Electric, for example, now requires access to the IoT sensors on every turbine and generator it sells in order to monitor efficiency and keep the warranty current.
The consensus that seems to be emerging on IoT security is a multilayered, multifaceted, smart system approach to the problem.
At the Federal Buildings Conference, M2 Security spokesman John Dwyier told RCR Wireless News, “Our solution to this problem, is we just nail down all the doors and windows.”
M2 system uses military grade encryption to essentially make IoT devices invisible to anyone looking for them from an outside connection. “We designed our system with IoT and adapting it to established networks in mind,” Dwyier said.
If malware, for instance, does penetrate the outer layer, numerous firms like NexDefense have developed systems to stop infection and identify the point of entry.
NexDefense VP Preston Futrell explained, “What we do is develop a baseline of network behavior and our software recognizes whenever there is a data packet with malicious code.” Futrell said NexDefense also alerts users if there had been any attempt to remotely access a network from an external source.
What has proven critical in consideration of IoT security is an emphasis of the potential devastation a cyberattack can wreak on such a large ecosystem. This has prompted stakeholders like the government to put security at the forefront of IoT networks, something major IoT players like AT&T, IBM and Google constantly stress.
OSIsoft is a firm that has in the last few years helped critical infrastructure owners embrace IoT systems, and effectively harness huge volumes of data.
David Doll, an OSIsoft executive, said “In our system the only thing that flows to an external connection is data.”
Despite the renewed emphasis on security, IoT systems remain a major point of concern in both the public and private sectors, especially as they propagate across multiple industries. A cyberattack that could potentially impact a power plant, stop productivity at an oil refinery or turn every traffic light in a city red, explains why security is a cornerstone of the burgeoning IoT.
