Security Among the Internet of Things
Five Questions for Jerry Irvine, National Cyber Security Task Force member and CIO at Prescient Solutions.
In 2008, Jerry was selected to join the National Cyber Security Task Force, a joint operation between the Department of Homeland Security and the U.S. Chamber of Commerce. This task force is responsible for advising federal decision-makers on cyber security policy and sharing best practices related to this urgent and ever-growing need.
As awareness about the Internet of Things grows, so too do the security concerns inherent in a world in which most devices are connected. Jerry spoke to FutureStructure about security among the Internet of Things.
1. From the perspective of the National Cyber Security Task Force, where are we in the evolution of the Internet of Things?
While the National Cyber Security Task Force does not specifically address the Internet of Things, systems automation is a major consideration especially in regards to the management and security of the nation’s critical infrastructure. Industrial control systems, such as SCADA and PLC devices, are for networked management and control of equipment. The Internet of Things is simply another iteration of systems automation which now is inclusive of consumer based products.
2. Many analysts are predicting 2014 to be the year of the Internet of Things. Do you agree and, if so, why?
Yes. The continued growth of mobile computing is less concerned with phone and text communications, and more targeted toward remote access and control of end user devices. Remote communications interfaces are being developed for traditional consumer devices such as garage doors, lights and thermostats. The mobile device has become the average person’s remote control for everything they use.
3. Given how much personal information people already share online, what additional security risks does the Internet of Things present?
As individuals begin implementing these new technologies, more of their lives and personal information will become accessible. Without the proper security measures, this information can be easily accessible or breached. Unfortunately, individuals are not as protective as enterprise organizations. Users fail to use different or complex passwords for their accounts and in many cases do not use passwords at all. Additionally, people put their meetings, vacations, current locations and other personal information on social networks. With the combination of access to all of their systems, along with their location, there is little else that can be done to protect their assets and identity.
4. Is there a point we’ll be able to recognize we’re operating among the Internet of Things or will it be a gradual transition?
We are already living within the environment of the Internet of Things. Bank accounts, insurance accounts, home lights, alarms, car ignition and GPS coordinates are all things that can already be controlled through the Internet. It is my opinion this gradual buildup of Internet-enabled devices will continue the evolution of the Internet of Things.
5. Knowing what risks the Internet of Things presents, what sort of benefits does it offer and how can we leverage those to create better neighborhoods and communities?
For every risk there is a potential reward. Once we develop the appropriate security measures to control the Internet of Things, the benefits will increase both business and personal productivity. Users will be able to control their personal time and resources more efficiently and allow for increased communications and collaboration. Automated systems can be configured to monitor and alert individuals as well as groups. Neighborhood watch programs could configure their systems to protect and alert for entire buildings, blocks or subdivisions. Natural resource utilization, including gas, electric and water could be monitored and reported on to alert waste or systems failures such as the lights being left on or pipes bursting. There are many potential benefits.