IoT - Pandemics, Opportunities And Massive Data Risks

The Internet of Things (IoT) is an electronic system, which is develoong at ever-increasing pace since it began in 2000, of interrelated computing devices, mechanical and digital machines that each have unique identifiers. This process transfers very large amounts of data over a network without requiring human or computer interaction and this data is difficult to process using traditional management tools. 

As part of the development  Internet of Things (IoT) massive amounts of unstructured machine data will be inevitably created. The experst at McKinsey estimates that by 2025, the world will own 50 billion networked devices, a 400 per cent increase on 2010, and creating $11 trillion in economic value. 

While this proliferation of networked technology over the last 20 years has created a myriad of opportunities for businesses, governments and developers to explore it has created new challenges to overcome.

Right now, the IoT is very little use in combating the COVID-19  epidemic although it probably can be used to prevent future pandemics. The consulting firm Frost & Sullivan, have outlined a future healthcare scenario  defined by a network of IoT  sensors placed throughout the world that would be used to monitor individuals for infections, acting as an early detection system that would reduce uncertainty and provide governments with reliable data to quickly act on and stop the spread. 

What Is The IoT?
Put simply, IoT is a system of physical objects that can be discovered, monitored, controlled, or interacted with by electronic devices that communicate over various networking interfaces and eventually can be connected to the wider Internet. The IoT landscape ranges from smart tags to sensing and monitoring wearable devices and to more complex objects such as appliances, machines, and cars. These smart objects constitute the building blocks of smart environments such as smart homes, buildings, factories, and cities.

What Are The Risks?
With the wide scale of IoT systems, the security and cyber-threats are magnified, by virtue of the sheer size of the ‘attack surface’ and number of potential entry points. According to recent data, 26.66 billion IoT devices were active in 2019 and 127 new devices are being connected to the Internet every second. 

The key challenge is the management and protection of all the data that IoT captures and uses, there are a number of ways to address this for developers of devices, users and insurance providers.

A primary concern, as with most cyber-risks, is the loss or compromise of data, especially customer and personal data. As a result, privacy should be a crucial component of IoT, especially with regards to data transmission. In one incident, a casino had high profile customer data stolen via the WiFi connected temperature monitor in their smart aquarium. As supply chains and business processes become more reliant on networked devices, businesses are more at risk of attack. Significant business interruption, through devices being taken offline by a hack can result in a significant loss in revenue, or even worse, reputation and trust.

An emerging risk of IoT is that of cyber-physical, take the example of a medical devices such as pacemakers, self-driving cars or expensive industrial processes controlled by a connected device. A malicious hack of these devices, taking control of these activities could lead to costly and potentially dangerous physical damage or accidents.

Stuxnet was one of the first instances of a computer worm destroying real-world devices, as opposed to just hacking them to perform software damage. 

Stuxnet targeted programmable logic controllers (PLCs) used to control uranium centrifuges (machines used to isolate isotopes of uranium) and reprogrammed them to perform varying cycles that result in the centrifuges disintegrating. Although Stuxnet was not a typical IoT attack because it relied on PLCs to be connected to a Windows machine, it represents a clear example of the damages caused by hacking mission-critical devices.

How To Reduce & Alleviate The Risks
Measures users can take to limit risk (and indeed liability in the event of a cyber-incident) include: considering security requirements since the initial stage of system design; using strong passwords and security keys, updated regularly; monitoring devices and systems to detect and swiftly response to security events; continuously updating security of devices with the download of patches from the manufacturers.

Insurers have a crucial role in mitigating these risks through varying degrees of cover which address risks including compromised networks, business interruption of IoT (if they are taken offline) and the theft of data.

Conclusion
It is clear that the IoT is becoming increasingly central to both our way of life and how businesses and infrastructure operates. As the opportunities for innovation grow, it is paramount that we remain conscious of the risks at play and how we mitigate these. The combination of IoT and 5G will transform society for the better, but that there are a lot of security risks to consumers and businesses that can't be left unchecked.

IoTForAll:       ITProportal:    ITProPortal:        Motley Fool:       BC Courier

You Might Also Read:

Mandatory IoT Security In Britain:

 

 

 

 

« Zoom-Bombing Hijackers
The US Has A New 5G Security Strategy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

Global Digital Forensics (GDF)

Global Digital Forensics (GDF)

GDF specialise in Digital Forensics and e-Discovery. Other services include Data Breach Response and Cyber Security.

Trust in Digital Life (TDL)

Trust in Digital Life (TDL)

TDL is a membership association comprising companies, SMEs, universities and research institutes who exchange experience and insights to make digital services in Europe trustworthy and safe.

Bufferzone Security

Bufferzone Security

Bufferzone is a patented containment solution that defends endpoints against advanced malware and zero-day attacks while maximizing user and IT productivity.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

MACH37

MACH37

MACH37 is a market-centric cybersecurity accelerator program designed to facilitate the creation of the next generation of cybersecurity product companies.

Office of the Government Chief Information Officer (OGCIO) - Hong Kong

Office of the Government Chief Information Officer (OGCIO) - Hong Kong

OGCIO supports the development of community-wide information technology infrastructure and setting of technical and professional standards to strengthen Hong Kong’s position as a world digital city.

Swarmnetics

Swarmnetics

Swarmnetics helps customers discover hard-to-find software vulnerabilities by hacking your system before the bad guys do.

SIA Group

SIA Group

SIA Group, an Indra company, combines Consulting, Systems Integration and Managed Services in four specialized business areas: Information Security, Storage, IT Management and IT Mobility.

NewAE Technology

NewAE Technology

NewAE Technology is revolutionizing the hardware security market by making every engineer and designer aware of side-channel power analysis and glitching as important attack vectors.

Space Hellas

Space Hellas

Space Hellas is a dynamic, established System Integrator and Value Added Solutions Provider, holding a leading position in the high technology arena.

Cydea

Cydea

Cydea are an optimistic cyber security consultancy of experts in security, data, technology and design that want to build a safer, more secure world where more things go right.

Insane Cyber

Insane Cyber

Insane Cyber make cybersecurity easier to manage through automated, easy-to-use software and expert support and partnership.

Hiya

Hiya

Hiya's mission is to secure voice with trust, identity and intelligence. We're protecting people from spam and fraud calls, and helping carriers secure their networks for all.

Sandfly Security

Sandfly Security

Sandfly focuses on Linux security that is high performance, high stability, high compatibility, and low risk.

HazeGrayCyber

HazeGrayCyber

HazeGrayCyber offers comprehensive technical services to bring your company to the next level.