Safe trends: Our selection of IoT cybersecurity trends to closely follow in 2019
Truly impactful trends have the power of driving the industry towards specific directions and are therefore closely monitored by top players and influencers. The internet of things (IoT) is an example of a trend that became a massive, rapidly growing industry in just a few years.
IoT connected devices, one of the fastest growing trends in technology today, are projected to amount to 75.44 billion units worldwide by 2025. As with any boom in technology, this trend brings with it new potential security problems that hackers are already exploiting en mass.
As IoT devices become an integral part of life in high-income areas, questions surrounding cybersecurity measures become an increasingly dominant part of the daily discourse.
For some interesting numbers and discussions, consider these examples:
- Statistics of homes that are exposed to attacks (did you know that “Two out of five smart homes at risk of attack”?!)
- How unprotected IoT provides an easy gateway for attackers (“The attackers found the fish tank…they used it as an entry point to the network…”)
- The responsibility levels of providers and vendors
For years, we have been working with IoT-device industry leaders, hiring cybersecurity research experts, and staying updated on the most current news and discussions in IoT security. As a result, we’ve managed to identify a few key trends.
1.Breathing down our hacks
As much as we would love to pretend that the cybersecurity arena is the only part of this constantly evolving and advancing equation, quick research shows that hackers too are moving forward at a disturbingly rapid pace. Mirai and its variants were straight-forward compared to the technologies and malware we’ve seen since: they are becoming more sophisticated, their methods more manipulative, and their attacks on smart home devices aren’t letting up anytime soon. We’ve seen attacks that resulted in the highjacking of hundreds of thousands of IoT devices at once and about a dozen attacks that shut down an entire country’s internet connection. These and other examples demonstrate the massive and growing power of hackers.
2. Mind the gap
Luckily, consumers are becoming more mindful of these threats and the need for advanced cyber solutions to protect them and their privacy. This trend of awareness also brings a challenge to the industry as reflected in a recent survey, where 23% of respondents reported refraining from purchasing smart devices for their home due to security-related concerns.
However, as more and more manufacturers and providers realize the effect of this trend on their potential profit and brand reputation, their willingness to implement advanced solutions will change, and we can expect to continue witnessing a rise in security standards and with it, a larger consumer base for IoT.
3. Safer by law
Widespread awareness of security concerns also leads to new and enhanced regulations, as we are already witnessing with the entry of the new UL-2900 regulation, for example.
These are the natural result of hacking becoming a well-established crime paradigm that widely affects personal, public, and business spheres.
In addition to placing responsibility on manufacturers and vendors for installing needed security solutions in the devices they offer, we can expect to see these and additional upcoming regulations raise the standards for all manufacturers, even in areas where they have yet to become officially binding.
4. Time is real
Given our work at Firedome, I spend quite a lot of time discussing the importance of real-time security solutions that are becoming a necessary industry standard. This has a lot to do with some of the other factors mentioned here, such as consumer awareness, manufacturer awareness, and new regulations. Security by design, while being VERY important, can’t on its own provide a sufficient solution for today and tomorrow’s dynamic security threats. You can read more about the values of EDR here.
5. Cloudy weather
IoT devices often rely on the cloud, as cloud-based solutions turn complex processes into far simpler ones. They offer seamless connection to various data resources in real-time, freeing companies to operate from different locations while enjoying remote monitoring capabilities. Cloud-connected tools will continue to gain domination through 2019, since they eliminate the issue of interoperability of IoT devices, thus making them more secure when handled properly. The enhanced control and authentication of these solutions offer better protection while remaining operational and user-friendly, which is why we’ll see more companies go through the process of transitioning to the cloud.
6. Train of thought
We often talk about technologies, regulation, and knowledge missing in the IoT cybersecurity arena, but they all rely on much needed and sought after expertise. Since cyber experts don’t come easy or cheap, many companies struggle to tackle their security challenges. The industry is currently experiencing a severe shortage of IoT security experts and will need to find creative solutions in order to overcome this problem.
In 2019, we can expect to see workers in the industry gain deeper expertise through research, training, and support. Companies will invest far more resources in educating employees and creating training programs that will form the next generation of security experts.
We can already see this process starting.. Even the media serves as an educator here, by hacking IoT devices and then reporting the detected vulnerabilities, like in this example. Needless to say, solution vendors do the same (watch our own Hack Party Demo).
7. A standard-issue
As IoT devices become more advanced and enriched, we can expect to see a rise in industry standards for communication capabilities. If each device “speaks a different language”, then connecting them all is extremely difficult, and forming a secure connection between one device and the next is nearly impossible. The upcoming years will demonstrate more unified and secure communication capabilities, which will allow users to mix and match device brands with the fair assumption that these will not only know how to communicate and seamlessly process data, but also maintain high-security standards that won’t be compromised when transitioning from one protocol to the next.
8. Face the interface
Anything you can do, application programming interfaces (API) can probably do better, or at least improve significantly. These interfaces have become an industry staple, and their importance to device security is growing as well. 2019 will see more developers enter the field of IoT security, offering the sophisticated API solutions that companies and users crave. Most manufacturers today accept the fact that APIs are part of the process, and we are about to see every player in the field, from small fish to major-league sharks, encourage and enjoy the enabling power of APIs. Applying these improvements towards security is the next logical step in IoT protection.
The IoT industry affects our lives in countless ways, and with it come many opportunities, threats, and solutions. The list we’ve created here may not cover every interesting development in the field, but it should help initiate and direct discussions about the importance of raising our industry’s security standards as well as methods for doing so. In the exciting playground of IoT, we have to play it safe, as a team.
We invite you to share your thoughts on these and other trends.