The Internet of Things: Opportunity, Threat and Inevitability
The Internet of Things (IoT) took another step forward, as standardisation body OASIS formed a committee to enable the adoption of Messaging Queue Telemetry Transport (MQTT) for machine to machine (M2M) communications.
MQTT is a small-footprint messaging protocol designed to enable low-power devices to exchange information. Such standards matter as they accelerate technology creation and adoption, by reducing development costs and increasing interoperability. In layperson's terms, the easier it is for devices to talk to each other, the more they will do it.
IoT is very interesting to us at Symantec, most importantly because it will have a dramatic impact on the way we all use technology. The EU's Neelie Kroes suggested that up to 50 billion devices could be connected to the Internet by 2020, from pallets to fridges. Indeed, the number of 'things' connected to the Internet is expected to surpass the number of people within a year from now.
As with any technology however, such a wealth of connected devices will open up a set of risks. Last month, Michael Lee wrote in ZDNet about a range of "significant" security challenges across data privacy and physical security that have the potential to disrupt business in new ways.
From our perspective, the most interesting phase of the development of the Internet of Things could also be the most challenging, as devices and software are created which ignore or de-proritise security features in the drive to get products to market. We've seen this lack of attention to security in the past, together with resulting weaknesses in the technological fabric which are open to exploitation by cybercriminals.
While standards are essential to help reduce these risks, our attitude continues to be simple: protect the endpoints (which is why we invested in device security firm Mocana over two years ago), protect the data wherever it is, and educate the market on how to maximise the benefits of technology while minimising the risks.
It isn't hard to find examples of how the Internet of Things will have a transforming effect on both corporate and everyday lives. While standards developments like MQTT are to be welcomed, we should also be working together to ensure that the risks of the Internet of Things are minimised, both in terms of technical measures and the best practices that go with them.
Please share your thoughts below and also take a look at what Symantec Security Response recently analysed as the earliest known version of the infamous Stuxnet malware.