https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/footer-logo.png
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Architecture
  • Engineering/Development
  • Security
ioti.com

Security


Thinkstock

Security

Tackling the IoT Security Challenge: A Business-Minded Approach

It may be tricky to ask for an ROI on your security spending, but IoT security is best viewed through a business lens.
  • Written by Brian Buntz
  • 23rd January 2018

“Forget about perfection; focus on progression, and compound the improvements.” —Sir Dave Brailsford

In the early 2000s, there was an apparent uptick in experts claiming to make surprising discoveries by applying statistics and economics to random-seeming subjects. The 2003 book “Moneyball” explored the use of analytical tools to competitive baseball. Two years after that, “Freakonomics” used economic theory to analyze such subjects as sumo wrestling and parenting. In 2002, Sir Dave Brailsford brought the idea of continuous improvement, a hallmark of Kaizen and Six Sigma methodologies to British cycling. Having earned an MBA, Brailsford helped popularize what he termed “aggregation of marginal gains.” The basic idea is that an organization can make dramatic progress by taking a complex problem, breaking it into smaller elements and aiming to improve each of those by 1 percent. Long story short, Brailsford went on see great success at the Olympics and later, with Britain’s first professional cycling team.

The time is ripe to embrace such an analytics– and economics-driven approach to address the current IoT security challenge. A casual glance at the IoT security landscape reveals a whirlwind of vendors with dramatically different messaging and products. Listening to the profusion of messages can lead to the conclusion that an organization can achieve a rarified security level by purchasing a slew of security products and services. But your organization could spend an infinite level on IoT security and still get hacked.

[Internet of Things World demonstrates how the next generation of IoT will converge to unlock the intelligence of things in the industrial, enterprise and consumer realms. See what’s new for 2018.]

Framing security through an economic lens — and working with partners that share that vision — is a more fruitful approach than viewing cybersecurity in binary terms.

In the IT space, the idea of risk alignment in business and security has been popular for about a decade. But while it is easy to pay lip service to the notion of business-minded IoT security, there are numerous examples of insecure IoT products in the field today that indicate this approach is rarer than it should be.

The problem is often rooted in a cultural disconnect that separates executives as well as IT and OT professionals. “Executives generally treat [security] like a technical problem handled by technical people buried in IT,” said Paul Proctor, VP and distinguished analyst at Gartner at the last Gartner Symposium in Barcelona. In theory, executives want their products to be secure “until you start telling them that it is going to double their budget, double their schedule and negatively impact customer experience,’” Proctor added. 

Something similar to this scenario is happening in the IoT world, where too many organizations hawking IoT products have been lackadaisical about security, rushing products to the market with security snafus such as hard-coded passwords, insecure web interfaces and shoddy cloud interfaces.

While there is certainly a value in analyzing common IoT security challenges and mistakes, it is perhaps more helpful to view them as symptoms of a larger problem: carelessness. There’s also the idea that achieving IoT security is a goal that runs counter to business aims — triggering, for instance delays, usability hassles and added costs. But organizations with such a cavalier attitude toward security invite “black swan” events — “high-impact events that are rare and unpredictable, but in retrospect seem not so improbable,” as Harvard Business Review puts it. In the IoT realm, such episodes are costly and can even have fatal consequences under the right circumstances. For instance, a 2015 Jeep hack by a pair of security researchers managed to trigger a recall of 1.4 million vehicles by remotely killing a Jeep on the freeway with the driver’s consent. Imagine the possible consequences if black hat hackers pulled a similar stunt to an unsuspecting motorist.

Given the very real possibility for such outcomes, organizations should view security as a critical business consideration, working to improve their security posture at every possible level and with every team member. By incrementally improving security throughout, organizations can dramatically curb their risk of falling prey to cyber disasters, while developing a higher resolution view of the state of their business and the risks it faces. In fact, each discrete business unit within an organization should “decide how much security they want and how much they want to spend,” Proctor recommended. Proctor also is a fan of framing security like Olympic medals — with gold, silver and bronze options.   

Organizations shooting for gold-security would do well to take to heart Sir Dave Brailsford’s so-called podium principles, built on strategy, performance and continuous improvement. Such an approach can transform security from something that seems abstract and unobtainable to something vital and within reach, as the prospect of winning gold medals first seemed to the British Cycling team in 2002 — when they won just one gold medal in 76 years. “To give you a bit of background, when we first started out, the top of the Olympic podium seemed like a very long way away. Aiming for gold was too daunting,” Brailsford told Harvard Business Review. In the 2008 and 2012 Olympics, the team went on to win seven of the 10 gold medals possible. What a difference a bit of economic theory and some hard work can make — for athletics, IoT or nearly anything else. 

Tags: Article Security Technologies

Related


  • Tactics for Successfully Selling IoT Technologies
    While this year has proven the value of digitization, many enterprises need persuasion. Experts discuss strategies for successfully selling IoT.
  • Smart City
    Smart Cities Need Multiple Solutions
    If you feel overwhelmed by smart city complexities, there’s good news: integrating different technologies can deliver multiple benefits, many of which are achievable no other way. C-level leaders in municipalities all over the world point out that successful smart cities will be the ones that can offer multiple benefits to a broad range of communities […]
  • Intro to LynxSecure
    There are multiple hypervisors in the market, but LynxSecure is different, primarily in its simplicity. LynxSecure acts as a static programmable hardware partitioning system that creates virtual machines and, after boot, loads VMs and “gets out of the way.” It is the foundational software for LYNX MOSAic modular development framework, and allows builders of complex […]
  • Cybersecurity concept
    Can Privacy-Preserving Machine Learning Overcome Data-Sharing Worries?
    Data volumes are exploding faster than our ability to interpret or secure them. Can techniques such as privacy-preserving machine learning address those challenges?

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Content

  • Cybersecurity Crisis Management During the Coronavirus Pandemic
  • COVID-19 Driving Data Integration Projects in IoT
  • AI Ups the Ante for IoT Cybersecurity
  • Protecting Your Network Against Ripple20 Vulnerabilities

News

View all

Private LTE Market Projected to Grow to $13 Billion

12th January 2021

IoT World Announces 2021 IoT World Advisory Board

9th December 2020

White Papers

View all

The eSIM Cookbook – Towards the Next Generation of Connected Devices

22nd February 2021

eSIM Delivers Greater Freedom for OEMs – by Beecham Research and Truphone

22nd February 2021

Special Reports

View all

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

Webinars

View all

Weber’s Journey: How a Top Grill Maker Serves Up Connected Cooking

25th February 2021

From Insights to Action: Best Practices for Implementing Connected Device Security

15th December 2020

Galleries

View all

Top IoT Trends to Watch in 2020

26th January 2020

Five of the Most Promising Digital Health Technologies

14th January 2020

Industry Perspectives

View all

IoT Spending Holds Firm — Tempered by Dose of ‘IoT Pragmatism’

1st December 2020

The Great IoT Connectivity Lockdown

11th May 2020

Events

View all

IoT at the Edge

17th March 2021

Embedded IoT World 2021

28th April 2021 - 29th April 2021

IoT World 2021

2nd November 2021 - 4th November 2021

Twitter

IoTWorldToday, IoTWorldSeries

📢 Announcing #EIOTWORLD sponsor, @aicas_IoT — a flexible, more efficient approach to embedded realtime application… twitter.com/i/web/status/1…

4th March 2021
IoTWorldToday, IoTWorldSeries

Microsoft Ignite 2021: Innovation in COVID-19 Era Signals Future Trends dlvr.it/RtwYcg

4th March 2021
IoTWorldToday, IoTWorldSeries

At Microsoft Ignite: How IoT and Robotics Are Driving Industry 4.0 dlvr.it/Rttgwj

3rd March 2021
IoTWorldToday, IoTWorldSeries

🎙️ Introducing #EIOTWORLD speaker, Obinna Ilochonwu, Industrial IoT Architect at Schlumberger. 📅 Join his session… twitter.com/i/web/status/1…

2nd March 2021
IoTWorldToday, IoTWorldSeries

#Smartbuilding technology lays the foundation for #energyefficiency efforts but also new COVID-19 goals, such as… twitter.com/i/web/status/1…

2nd March 2021
IoTWorldToday, IoTWorldSeries

IoT Remote Monitoring Helps Enterprises Traverse COVID-19 and Beyond dlvr.it/RtZ3K5 https://t.co/owJXYf1gkO

26th February 2021
IoTWorldToday, IoTWorldSeries

Securing the Industrial Internet of Things dlvr.it/RtYfYk https://t.co/khUn79dvQD

26th February 2021
IoTWorldToday, IoTWorldSeries

📢 Announcing #EIOTWORLD sponsor, @BluetoothSIG — the global standard for simple, secure wireless connections. ➕ Le… twitter.com/i/web/status/1…

26th February 2021

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X