IOT and Cyber Security
1-Introduction about IOT .
What makes the Internet of Things (IoT) different from the traditional Internet? People, for starters. The IoT doesn’t rely on
human intervention to function. With the IoT, sensors collect, communicate, analyze, and act on information, offering new ways for
technology, media and telecommunications businesses to create value—whether that’s creating entirely new businesses and revenue
streams or delivering a more efficient experience for consumers.
IoT is a future-facing development of the internet wherein objects and systems are embedded with sensors and computing power, with the intention of being able to communicate with each other. Although the original concept of IoT puts excessive emphasis on machine-to-machine communications, the real change underlying this is the diversification of people-to-people communications in an increasingly indirect
way. Machines may eventually be able to communicate, but so far this phenomenon is neither universal nor covers all types of networks; even when machines can connect to each other, the fact is that they will remain as instruments of human communications.
Business models for the employment of IoT may vary for every organization, depending upon whether it is handling the core operations, manufacturing or the services/technologies. The retail and merchandizing sector, for example, could benefit from IoT innovations in the future: if a new customer enters a shoe shop, his or her shoe size could be measured by the measurement sensors; data could be sent over the cloud about availability of stock; the inventory could then be replenished based on real-time analytics and forecasted trends. Other examples for the same retail outlet could be parking sensors, motion sensors, environmental sensors, door sensors that measure footfall, and mobile payment services.
The Internet of Things (IoT) has been called the next Industrial Revolution — it will impact the way all businesses,
governments, and consumers interact with the physical world
3. Review the Cyber security risks of IOT
Recently, the UK’s National Health Service encountered a devastating multi-national cyber-attack.
Investigators have since discovered that this was only a small part of a simultaneous attack with over 57,000 ‘infections’
found in 99 countries across the world. Russia, Ukraine and Taiwan were the top targets and UK Prime Minister Theresa May called
the attacks “unprecedented”.
The Internet of Things (IoT), which is the inter-networking of physical devices, has been described as the next
‘industrial revolution’. The number of internet enabled hardware devices is expected to exceed 50 billion by 2020;
connected devices can range from health monitoring implants, chips on farm animals, smart cities, cars equipped with wireless networks,
and fitness trackers. The advances of the IoT are emerging so quickly that it’s hard to foresee what may be next and, as a result,
means that as businesses, organisations and individuals, we are more exposed to cyber-attacks.
A recent high-profile Distributed Denial of Service (DDoS) attack enabled hackers to compromise coffee percolators, webcams,
surveillance cameras, routers and indeed anything they could get their virtual hands on. They used these devices without their
owners’ knowledge to unleash a flood of internet traffic that overwhelmed and crashed popular sites like Twitter, Netflix, Airbnb
and even The New York Times.
The world won’t grind to a halt if Twitter goes down. But there is a broader trend of hackers targeting critical infrastructures
like power grids, chemical plants and transportation systems. In their recent report, ‘A new front in Cybersecurity,’ BI Intelligence
revealed that companies that operate critical infrastructure reported 295 cyber incidents in 2015. The report also notes that
industrial control systems weren’t designed to be connected to the internet, so they haven’t benefited from the embedded cyber
security capabilities needed to ward off hackers.
Take the smart home as an illustrative example. Imagine a garage door opener with the added functionality to deactivate the home
alarm upon entry. This is a convenient feature for a homeowner entering their home in a hurry. However, now the entire alarm system
could potentially be deactivated when only the garage door opener is compromised. The broad range of connectable home devices—TVs,
home thermostats, door locks, home alarms, smart home hubs, garage door openers, to name a few—creates a myriad of connection points
for hackers to gain entry into IoT ecosystems, access customer information, or even penetrate manufacturers’ back-end systems.
Last year the massive Distributed Denial of Service (DDoS) attack that brought down the Dyn Domain Name System (DNS) service
illustrated the vulnerability of certain platforms to attacks using the IoT. During that attack the perpetrators managed to
deny access to major platforms like Twitter, Netflix and Facebook for some hours. It was made possible through harnessing poorly
protected household devices such as security CCTV and baby monitors which still had the factory password programmed or no built in
The connected car
The connected car is just one way in which IoT is going to impact our lives significantly (and very visibly) in the near future.
Here, we address the security requirements of the connected car platform and its environment, but the approach is relevant
for all IoT-related innovations.
When considering connected car initiatives, businesses need to establish a solid legal understanding of data ownership and data protection policies. Only on that basis will it be possible to design agile and secure services that will enhance business operations. So far, in Europe and the rest of the world, issues around data protection do not have a uniform answer yet, and this area requires more work from the angle of information security.
Connected car networks need standard protection measures as security gateways (policy enforcement point) and firewalls (to block DOS and protocol attacks), but this also requires several layers or zones (based on assurance levels and access controls), where each layer implements
a security policy. Data ownership and classification must underpin security levels (separate access routes and roles, data path segregation, et
So how can organizations get ahead of cybercrime?
Designing and implementing a cyber threat intelligence strategy to support strategic
business decisions and leverage the value of security
Defining and encompassing the organizations extended cybersecurity ecosystem,
including partners, suppliers, services and business networks
Taking a cyber economic approach
understanding your vital assets and their value, and investing specifically in their
Using forensic data analytics and cyber threat intelligence to analyze and anticipate
where the likely threats are coming from and when, increasing your readiness
Ensuring that everyone in the organization understands the need for strong
governance, user controls and accountability
– Major players in the Cyber security field of IOT .
10 leading IoT security companies
The company offers an agentless security platform tailored for IoT devices. In the words of CEO and co-founder Yevgeny Dibrov,
Armis aims to help enterprise companies end the “IoT blind spot” that exists when organizations have poor awareness of the
devices on their network.
Bastille leverages patented software to help with enterprise IoT security.
3. CENTRI Technology
CENTRI Technology’s Internet of Things Advanced Security (IoTAS) platform is a software-only platform designed to both secure
and compress data in motion and at rest.
Cisco has done as much as anyone to popularize the concept of the Internet of Things, but also has developed a substantial
portfolio of products and services suitable for IT, as well as IoT, security.
Claroty specializes in industrial IoT cybersecurity, helping managers of industrial facilities and critical infrastructure
protect their networks from nation-states, criminals and hacktivists.
One thing that sets DarkMatter apart from other cybersecurity firms is its focus on resiliency within digital environments.
This startup is unique in that it specializes in airspace security — detecting drones that invade protected zones whether
at an airport or above a stadium or industrial facility.
8. Dell EMC
Dell may traditionally be best known as a hardware vendor, but the company offers an array of security offerings throughout its various
subsidiaries ranging from RSA to SecureWorks to VMware and beyond. Dell itself offers a variety of security services tailored for networks,
data, endpoints, identity and access management.
EY offers an array of cybersecurity consulting services, operating a dedicated unit that focuses on the risk posed by Internet of Things
deployments, including both industrial and consumer implementations.
ForgeRock, which specializes in digital identity management, is working to transform how businesses build trusted relationships with
people, services and things. Customers adopting the ForgeRock Identity Platform as their digital identity system of record can use the
technology to address stringent regulations for privacy and consent (GDPR, HIPAA, FCC privacy, etc.), safeguard their IoT projects and help
monetize customer relationships.
– Market size and potential growth.
IHS forecasts that the IoT market will grow from an installed base of 15.4 billion devices in 2015 to 30.7 billion devices in 2020 and
75.4 billion in 2025. Source: IoT platforms: enabling the Internet of Things, March 2016 (free, opt-in, PDF).
McKinsey estimates the total IoT market size in 2015 was up to $900M, growing to $3.7B in 2020 attaining a 32.6% CAGR. The Internet
of Things (IoT) has a potential economic impact of $2.7 to $6.2T until 2025.
Global spending on IoT technology-based products and services by enterprises is predicted to reach $120B in 2016, growing to
$253B in 2021, attaining a 16% CAGR. IoT Technology Services spending alone is expected to grow at 17% CAGR in the next five
years to reach $143 Billion in 2021. At 20% CAGR, Asia is projected to grow at the highest rate contributing to ~35% of total
spend by 2021.
Bain predicts that by 2020 annual revenues could exceed $470B for the IoT vendors selling the hardware, software and comprehensive
solutions. By 2020, total available profit will reach $60B based on their analysis and recent survey. Bain predicts cloud service
providers and analytics and infrastructure software vendors will have the most influence over IoT purchases .
Gartner predicts 6.4B connected things will be in use worldwide in 2016, up 30% from 2015, and will reach 20.8 billion by 2020.
In 2016, 5.5 million new things will get connected every day.
Internet of Things (IoT) sensors and devices are expected to exceed mobile phones as the largest category of connected devices in
2018, growing at a 23% compound annual growth rate (CAGR) from 2015 to 2021. Ericcson predicts there will be a total of
approximately 28B connected devices worldwide by 2021, with nearly 16B related to IoT. The following graphic compares cellular IoT,
non-cellular IoT, PC/laptop/tablet, mobile phones, and fixed phones connected devices growth from 2015 to 2021.
In total, we forecast there will be 34 billion devices connected to the internet by 2020, up from 10 billion in 2015. IoT devices will account
for 24 billion, while traditional computing devices (e.g. smartphones, tablets, smartwatches, etc.) will comprise 10 billion.
Nearly $6 trillion will be spent on IoT solutions over the next five years.