AUSTIN, Texas—Is the Internet of Things (IoT) secure yet? The short answer, according to a panel of experts exploring the subject at the NXP/FTF Technology Forum 2016 (May 17–19) here, is a resounding “no”.
“Cybersecurity is one of the foremost concerns of our age,” said Greg Kahn, chief executive officer (CEO) and president at the Internet of Things Consortium. “Attacks have skyrocketed since 2014, costing companies up to $1 trillion per year to defend against them. What’s worse is that the hackers are getting smarter. Seemingly secure information is streaming back to criminal organizations and malicious foreign governments.”
Damon Kachur is Global Business Development manager at Symantec Corporation added that software is no longer enough, each new internet of things (IOT) device needs to have specialized hardware inside. “To do it right, it has to be done at the hardware level—after that its too late.” He also added that a massive education processes needs to be put in to place compelling security providers to educate consumers on how to operate their devices securely.
Plus the information needs to be communicated in a easy-to-understand manner—like the labels on clothing, such as “The Five Things Your Need to Know.” The information also needs to be standardized—again like food labels—so that consumer can immediately see what they are getting into and how to handle it.
One of the biggest problems, according to Kachur, is authentication. “Once you are authenticated you are in, but there are no standardized ways of getting security certificates to devices making it easy to generate false ones.”
“Authentication is on the 15 billion devices to date—at both the server and the device end—but they need to be improved such as periodically polling devices/components to make sure they are what they are expected to be,” Kahn said.