ERP News

Is it time to regulate the IoT?

859 0

By 2020 there will be a staggering 200 billion of the IoT devices in operation, according to Intel. This high number of end-points will change the way we communicate with each other, interact with our surroundings and will have a significant impact on the UK marketplace. However, with so many connected devices out there sending data over the internet, there is the growing prospect of serious security issues.

If the IoT is not handled with care, the number of cyber attacks and data breaches will increase markedly. The steps that are taken by the authorities and other stakeholders over the next period will be crucial to ensuring a safe, efficient and successful IoT network that drives development and growth.

Bizarrely, it’s the accelerated growth in the IoT space that is raising the spectre of greater security problems. The commercial pressures that manufacturers are under have sparked a race to be first-to-market with new IoT products. Of deep concern is that manufacturers often overlook security when developing new devices. This is typical because they may lack institutional experience around working with connected devices or might not be able to afford the extra time or budget to build-in adequate security. From a security perspective, the implications of this can be dire.

Taking responsibility

This somewhat ad-hoc approach to security, along with a lack of any defined IoT security standards, has resulted in damaging cybersecurity events, such as the Mirai Botnet incident in October 2016. This crippling attack saw enormous blocks of IoT devices infected with malware, which were then used to attack core Internet infrastructure. Mirai was a stark reminder of how serious cyber-attacks on vulnerable IoT devices can be. Alongside a lack of widely-adopted IoT security standards, there is the huge question of who is responsible for the security of these connected devices.

Most IoT devices are designed to remain active for years, perhaps even decades. Can we really expect consumers to ensure their devices are kept patched and up to date? Unlike a home PC, connected devices generally lack a user interface, so even the question of how to notify customers about updates remains a challenge.

In the past, if a product met standards and the terms of its guarantee, it ceased to be the responsibility of the manufacturer. But IoT devices are different, as they are linked to the Internet, meaning the vendor must continue to provide security updates. It’s also not yet clear who is ultimately responsible for making sure an individual device is updated, or what happens when an IoT manufacturer goes out of business and is unable to support their product. This is not a clear-cut situation.

Pros & cons of regulation

It is heartening to see the UK government take steps towards making the IoT a safer space for everyone concerned. In March, the Department for Digital, Culture, Media and Sport (DCMS) announced a new IoT Code of Practice, focused on driving up the overall security of the IoT ecosystem. These measures will help to ensure that all stakeholders, including manufacturers, take security seriously. Laying out clearer roles and responsibilities for manufacturers and others operating in this space will help businesses to better understand their own role in protecting the end user.

Read More Here

Article Credit: Software Testing News

Leave A Reply

Your email address will not be published.