Posted: 2 Min ReadExpert Perspectives

Why IOT Security Isn’t Fated to be a Contradiction in Terms

More work remains but steady progress is underway, offering new optimism that the industry can turn the tide in its favor

With the holidays fast approaching, many people will ignore widespread security concerns and put smart connected things at the top of their gift wish lists.

But after years contending with the vulnerabilities affecting a lot of the devices coming online as part of the Internet of Things (IoT), there’s also room for optimism. Let me highlight progress in a couple of areas.

First, there’s the emergence of more sophisticated IoT smart home security gateways such as Norton Core that offer strong protection for the multiplying number of always-on, digitally smart devices found in homes and offices. Many of these security cameras, televisions and smart thermostats are vulnerable and have been exploited by malicious hackers in recent botnet attacks.

But the advent of these new security gateways is a big deal. It means that millions of consumers will be now able to add a needed layer of protection between their devices and the bad guys who threaten to turn the internet into a veritable Wild West. At the same time, there are bigger versions of such gateways available for enterprise use.

I’m also thrilled at the progress that’s being made to hammer out industry standards around IoT security. Recently emerging standards include the “Autonomic Networking Integrated Model and Approach (anima), the Bootstrapping Remote Secure Key Infrastructures (BRSKI)” specifications along with the “Software Updates for Internet of Things (suit).” There are also nascent government efforts to create trust marks that help consumers know whether they can trust the security and privacy of the devices they are about to buy.

My enthusiasm is tempered by the acknowledgment that fixing the world of IOT security will take time. The trust marks won’t be finalized before this year’s shopping season. Also, the standards that I referred to aren’t yet widely deployed and are not going to feature in most of the gear that winds up getting sold over the next few months.

 

The proliferation of stronger gateways and stronger standards in the future gives people new options to protect their smart homes. And as the industry works more closely together to build better security into IoT devices, expect more barriers to fall.

However, at least there’s hope that the tide is turning. The proliferation of stronger gateways and stronger standards in the future gives people new options to protect their smart homes. And as the industry works more closely together to build better security into IoT devices, expect more barriers to fall.

That last point deserves a special call-out. In the space of a few years, we’ve made great progress. The work around the Online Trust Alliance and the Open Web Application Security Project guidelines is an encouraging harbinger of even closer industry collaboration. The merger of the two main IoT standards groups, AllSeen and the OpenConnectivity Foundation slightly more than a year ago gives added impetus to the advances underway.

To everyone who has participated in this historic collaboration, you deserve a big Thank You.

About the Author

Brian Witten

Sr Director, Symantec Research Labs

As Global Sr Director of Symantec Research Labs (SRL), Brian leads all long term research for Symantec. Over 12 years ago Brian joined Symantec Labs from DARPA, helping create several technologies now used in our Enterprise and Norton consumer offerings.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.