Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    To Secure IoT, Vendors Must Put Security at Core of Their Products

    By
    Sean Michael Kerner
    -
    March 30, 2015
    Share
    Facebook
    Twitter
    Linkedin
      Internet of things

      As opportunities in the emerging Internet of things (IoT) market grow, so too do the associated security risks that organizations need to consider.

      Sami Luukkonen, global managing director for the Accenture’s Electronics and High Technology business, is seeing vendors of all shapes and sizes coming to his organization asking about IoT, and they’re all worried about security. “For the past six months, security concerns have really been raised by industry players, due to media attention around cyber-attacks,” Luukkonen told eWEEK. “All the attention has really woken vendors up to the risks and consequences of an attack.”

      There wasn’t such attention on security prior to the last six months. Before, the big issue was around the privacy of consumer data, he said. Luukkonen sees the shift in focus to security as a sign of maturity in the IoT business.

      For many of the top vendors in electronics, IoT is at the top of their agendas for new initiatives, Luukkonen said. “The opportunity for IoT is tremendous, and everybody is going after it,” he said. “At the same time, vendors realize that they are introducing a huge number of open interfaces that could be open to attack.”

      For the full potential of IoT to be realized, it needs to be secured, according to Luukkonen. While open ports on devices are a risk, simply locking down ports is not the entire solution to the IoT security challenge. In his view, it’s important for vendors to remember that any one product is part of a broader ecosystem. For example, modern vehicles have complex in-vehicle entertainment platforms that integrate components and technologies from multiple sources—through which there is a risk of a malicious download to the car’s entertainment system. Even when an app is not made by the car vendor, it is incumbent upon the car vendor to protect users against the risk.

      “IoT security is not just about trying to protect your own solutions, but also about trying to protect your users from the whole ecosystem that is needed in IoT,” he said.

      When analyzing the potential security impact and best practices for IoT, Luukkonen said the first step is to evaluate the overall risk level that is introduced by the IoT solution across the whole ecosystem. The next step is filling whatever gaps may be present to make the product as secure as possible. The third step is to have an active monitoring capability that proactively identifies any potential security risk.

      Luukkonen said network operators are used to having active monitoring, but it’s an idea that is relatively new in the electronics space. There are also staffing considerations that Luukkonen advocates—in particular, vendors need to have a chief security officer (CSO).

      “In most large companies, all the executive board members have a direct role to either protect or build shareholder value,” Luukkonen said. “Security is an executive management team role that companies should have as there needs to be someone that can evaluate and guide the corporate management of security issues.”

      Luukkonen added that vendors should also engage in active penetration testing that tries to break into their own products, in an effort to try to find security vulnerabilities so they can be fixed.

      Security isn’t always at the core of electronics vendors’ research and development efforts, though it should be, according to Luukkonen. He noted that when he talks to the R&D directors at major vendors, they typically don’t include security as one of the top three items when they describe how they work with IoT. What vendors typically talk about is technology innovation and time to market, he said.

      “The challenge is that vendors need to recognize that security has to be at the core of the product,” Luukkonen said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×