News Feature | November 14, 2017

Success And Peril As The Internet Of Things Haul Trillions Into Global Economy

By Jof Enriquez,
Follow me on Twitter @jofenriq

FTC Emphasizes Need For IoT Security

The Internet of Things (IoT) is set to contribute trillions of dollars to the global economy over the next two decades as the networked system of sensors, devices, and everyday objects becomes more pervasive and ubiquitous. Pitfalls abound, however, as cybersecurity and other challenges have not been sufficiently addressed by IoT innovators.

IoT will add about $10-15 trillion to the worldwide economy over the next twenty years, according to Mohammad Abdullah Al Gergawi, Minister of Cabinet Affairs and the Future of the United Arab Emirates, who spoke before government leaders and industry experts at the second Annual Meetings of the Global Future Councils (AMGFC), held recently in Dubai, reports Gulf News.

This massive growth will begin to speed up in 2018, as IoT efforts mature from a limited experimentation stage into true business-scale implementations worldwide, according to a report by Forrester Research.

In his summary of the report, Forbes' Gil Press says that, next year, more Fortune 500 companies will be rolling out voice-based services, while marketers will reach more customers using AI-driven agents like Amazon Alexa or Google Assistant in smartphones and mobile devices. Increasingly, IoT devices will be able to perform local data analysis based on the data they generate, rather than relying solely on cloud-based or data center-based capabilities. Companies like IBM and Microsoft have already begun to move their IoT platforms from industry or IoT-specific capabilities available through hyperscale cloud providers, and this trend will accelerate in 2018 and beyond, according to Press.

The ability to connect sensors and devices to the cloud is disrupting many industries. For instance, in healthcare, sensors and trackers are now used to remotely monitor environmental and physiologic data about patients at home. The data collected is fed through machine learning algorithms in the cloud, which analyze patterns and "actionable information," and then alert clinicians, who will intervene when necessary. 

About 75 percent of all IoT projects, however, only cater to specific industries or niches, and many IoT solutions from multiple vendors currently are not interoperable, according to networking giant Cisco. Perhaps more distressing is the lack of cybersecurity, among both older devices designed with outdated software and newer products, the latter introduced into the market by startup companies with little knowledge or regard for this matter.

"Cybersecurity crime is already at an all-time high and negatively impacting global economies by upwards of 1 percent of GDP," Cisco's Australian CTO Kevin Bloch tells ZDNet.

"We are becoming more mobile, we are using more cloud services, and we are expanding IoT deployment to tens of billions of connected things, thereby expanding exploitation and attack opportunities. Our situation will inevitably get worse if we don't take the right precautions," warns Bloch. "If you don't secure it, don't connect it."

Cisco says many vendors and companies strip security mechanisms out of devices in order to keep them at low cost, which consequently makes them vulnerable to hacking.

Some security experts believe that cost indeed plays a huge factor in designing IoT sensors and devices. 

"Great security is expensive. You can’t just keep looking for vulnerabilities. You need to ship product and accept the fact you can’t solve security," said Charlie Miller, principal autonomous vehicle security architect at GM’s Cruse Automation. "You are never going to make it impossible to hack something. But, you can make it really hard."

In the article from Threat Post, Miller said security must be prioritized depending on the type of product. For example, securing devices such as insulin pumps, pacemakers, and autonomous vehicles should be emphasized.

Cisco, on the other hand, considers network-side security a must, along with improving processors, better labeling of devices, and requiring strict notification and approval alerts before allowing connectivity.