One attack in the world of connected internet of things (IoT) could be very fatal. It's been a year since the Mirai Botnet attacks and security thinking still needs to be focused on designing IoT endpoints and routers to prevent the next attack. As we put IoT infrastructure in place, a defence and in-depth strategy must be employed as the traditional network and endpoint security is not adequately containing today’s cyber threats. Successful attacks can destroy or degrade public trust in IoT therefore, IoT systems need to be secure by design.
Frost and Sullivan IoT research director Dilip Sarangan argues for governmental intervention. Sarangan says that IoT security has a responsibility spread across device manufacturers, software developers, network providers, and many others and this makes it difficult for the industry to make progress on all-encompassing standards.The scope and size of connected devices are quite massive and corporate-level regulation can only do so much. It's time for governments to start regulating IoT by creating and adopting worldwide standards so that enterprises may be able to collectively combat IoT threats.
There are billions of IoT devices with sensors, designed to transmit status to a remote agent on a regular basis. Some of these devices have an operating system or onboard applications, while some do not. Most IoT solutions run across multiple heterogeneous networks to connect these billions of devices. And where there are diverse networks there are security vulnerabilities. It is evident that undetected devices can significantly expand an attack surface yet these devices are invisible to many traditional security solutions. It is important to provide network visibility through more robust device management features in the future. Improved network visibility is key to preventing malicious actors accessing power grids and Internet infrastructure, especially at the points of interconnection. So, providing carrier-grade security at these points is critically important in order to prevent and detect any cybersecurity issues.
Security measures such as selling reference designs for various IoT devices could introduce more standardization and security since traditional network and endpoint security is not adequately addressing today’s cyber threats. Gaining the trust of people on IoT devices is of utmost importance in the search of suitable security measures.