IoT security is like running before you can walk

Publish date:

Take a baby or toddler, which of course is where the phrase comes from, it first crawls, walks, climbs, runs and finally cycles. Security should be the same.

First you should secure your home, office, data centre and then move onto the network, endpoints, websites, email servers, etc.

Many companies have not done much of the above. Take various City of London offices, LCD screens with users on are sitting next to windows. Good front office access control maybe but you can look over someone’s shoulder from outside.

Then you need to secure the network with the use of hardware firewalls and IPS (intrusion detection prevention.) Mail servers and webservers are next since they face the world wide web and further down the line is endpoints.

Makes sense? Likely to some. The problem is companies are struggling to secure their normal network because they do not understand the risks or care. Plus, there is a shortage of products which actually work and a global shortage of skilled staff.

Move onto IoT (internet of things), if anyone including home users is struggling to secure their conventional kit why move onto IoT which can add a physical element into the equation? Webcams, CCTV, heating/electricity control companies do not put much effort into security.

Home users and some businesses simply follow a “craze” and run out there and buy everything their friends or colleagues have. Wealthy home owners get everything plugged in and it goes through the generalist home router/modem.

Do people really need to turn off their iron or open the curtains from outside the door? Not really but it sounds cool. Actually securing these devices with hardware and labour would likely cost more than the IoT devices itself.

“When fridges attack” is a good example. The fridges in question were/are made by well-known manufactures not a cheapy firm no one has heard of. Two years ago there was a story about a hijacked baby monitor. Now the physical and cyber worlds collide.

The next time you go out to buy something for your home, think is it secure, can you secure it and do you need it. I have barely seen a company which has a web page dedicated to the security, testing and certification of the hardware they are selling.

Related Posts


Capgemini presents Next Generation Security Operation Center

Christer Jansson
June 14, 2018
Next generation security operation centers (SOCs) resolve the need for cybersecurity skills and help organizations counter threats
Design Thinking

Finding hotspots in cold chain logistics by using Design Thinking

Verkuijlen, Thijs
June 5, 2018
How do we leverage our Design Thinking capabilities at the SAP Innovation Center to get to a solution that creates value for end users.

Selling security and privacy: Why cybersecurity is the new competitive advantage for retailers

Subrahmanyam KVJ
May 28, 2018
Consumers now see cybersecurity and data privacy as one of the three main reasons to select a retailer, beating even price. In India, it even comes out on top as the number-one reason to do business with a particular retailer.

By continuing to navigate on this website, you accept the use of cookies.

For more information and to change the setting of cookies on your computer, please read our Privacy Policy.


Close cookie information