Categories: M2MNetworksSecurity

Infosec 2017: IoT Manufacturers Have To Recognise Security Risks

If there’s one area of technology that still hasn’t fully grasped the scale of cyber security threats facing the world today, it’s the Internet of Things (IoT).

It’s well documented that the number of IoT connected devices is increasing at an exponential rate in industries such as healthcare, agriculture and smart cities – and will continue to do so for the foreseeable future – but securing these devices is still largely an afterthought.

It’s an issue that we hear about on a weekly basis. From vulnerabilities in connected ovens, to flaws in internet-connected cameras and the now-infamous Mirai botnet which caused havoc in the UK, examples of hackers exploiting poor security architectures in IoT devices are everywhere.

IoT security

For obvious reasons this is a mindset that simply can’t continue and Rik Ferguson, vice president of security research at Trend Micro, has called on device manufacturers to recognise these risks and start putting security front and centre.

“It’s important to recognise that Iot is not the future, IoT is the present. It’s already embedded in many industries,” he said, speaking this week at InfoSecurity Europe 2017.

“The problem is that, by and large, the people responsible for the creation of this continuum of technology care little or nothing about security. Their driver is the creation of the market, how do I get to market first and how do I capture the customers? The people responsible for developing this technology are not thinking about security.”

The responsibility to change this mindset, he said, currently sits with consumers. Businesses and individuals need to start asking questions of manufacturers and driving security requirements rather than just focusing on the functional aspects.

But, Ferguson also warned that there will only be a finite amount of time for consumers to take this opportunity. Once IoT is more deeply integrated into smart cities “you can no longer be responsible because you no longer have control. You’re simply living in an environment created by smart and connected technology, so the choice is being taken away from you.”

What is your biggest cybersecurity concern?

  • Ransomware (28%)
  • Humans / Social Engineering (27%)
  • State sponsored hackers (14%)
  • Malware (14%)
  • Other (7%)
  • Out of date tools (6%)
  • DDoS (4%)

Loading ...

The security industry as a whole also has a responsibility to drive the knowledge and awareness that security needs to be an integral part of IoT but, ultimately, it’s down to manufacturers to change their approach.

“If you’re a company responsible for the creation of these kinds of devices you’ve got to recognise that you can’t do it alone and you need to reach out to the security industry, to experts, to researchers, to partners and realise the importance of security and the fact that there are skillsets out there that can help you build a more secure ecosystem.

“Attacks are already real, this stuff is happening now. It’s our future that we’re talking about and we owe it to ourselves to make sure that future is secure.”

Do you know all about the Internet of Things? Take our quiz!

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

View Comments

  • This applies equally to manufacturers of HW and SW on the internet. If there is to be overall security, Windows. Linux, DNS memory, CPUs, disk etc must undergo change to fit in with any cybersecurity architecture design, the only solution to this problem. I have been banging on about this architecture for a year or more to anyone who will listen but nobody will. That includes senior people who say that there must be a solution a la the one I propose but do nothing even when I contact them with the clear evidence that things are going from bad to worse. It is a clear parallel to Mark Twain's comment: 'Everybody is talking about the weather, nobody is doing anything about it.'
    The malware hits at the end of this year will show that current HW/SW and current methods are not up to the job.

Recent Posts

BNP Paribas Joins JP Morgan Blockchain Trading Network

French bank BNP Paribas becomes first European bank to join JP Morgan's blockchain-based Onyx Digital…

13 hours ago

SEC Held Off Elon Musk Enforcement ‘Due To Court Fears’

US securities regulators may have refrained from enforcement actions against Elon Musk due to discouraging…

14 hours ago

Snap Earnings Warning Triggers Tech Sell-Off

Investors spooked after Snap warns of deteriorating economic conditions, says earnings now 'below the low…

16 hours ago

Russian Operator Discounts Smartphones As Sanctions Bite

Biggest Russian mobile operator MTS begins selling discounted and second-hand smartphones as Russians hit by…

17 hours ago

Clearview AI Fined £7.5m Over Facial Recognition Data

UK Information Commissioner's Office orders controversial facial recognition firm Clearview AI to delete data it…

18 hours ago

Airbnb To Pull Out Of China Amidst ‘Pandemic Challenges’

Airbnb to pull out of China as ongoing zero-Covid policy places severe restrictions on domestic…

18 hours ago