The IoT Security Opportunity

By: Mark Cummings, Ph.D., William Yeack, CSE

Today’s profusion of IoT devices opens an entire realm of new security problems for both the user and providers. Telecommunications providers are uniquely positioned to address these critical issues. Doing so requires the deployment of an automated dynamic security orchestration service—and represents a new, highly profitable revenue source that will deliver CSP benefits to investors, customers, regulators, and employees.

Today, many telcos have profitable MSSP (Managed Security Service Provider) offerings for their large enterprise and government customers. Recently, there has been a wave of IoT devices and systems sold to consumer and SOHO (Small Office Home Office) markets. Given the blitzkrieg of cyberattacks by organized crime, nation state pirates, and neighborhood petty criminals, these devices and systems cry out for dynamic security orchestration services. Communications Service Providers (CSPs) are uniquely positioned to provide these services—and have a responsibility to do so. This is because only CSPs have both the reach and the visibility to provide these services. 

Yet challenges abound. Current MSSP services are highly manual, akin to the plugboard switching of early telcos. To effectively protect the consumer and SOHO markets, dynamic orchestration must be automated, meaning a move to automated switching. With such an automated dynamic orchestration platform, this service has the potential to become a large and highly profitable new revenue source.

A look at the origins

Taking a step back yields a broader perspective. The consumer and SOHO digital markets grew out of the PC and the Internet. The PC, Internet, and web are still important, but three other factors have come into play and a fourth is on the horizon. First, the PC is no longer directly connected to the Internet. It is now linked to Wi-Fi and other wireless network access points. Second, the overall amount of information and the percentage share of consumer and SOHO information stored and delivered digitally has mushroomed. Whether on PCs, attached storage of one type or another, or in the cloud, the overwhelming percentage of critical data as well as entertainment is stored and delivered digitally. Third, to this is added a host of IoT devices. These devices connect to the Internet via local wireless. They include smart thermostats, smart light bulbs, digital door locks, video surveillance systems, baby monitors, health monitoring systems, health intervention systems, children’s toys, smart irrigation systems, other types of environmental sensors, other automated controls, and so on. Add to this array smart speakers that connect to digital assistants on the web. Finally, with the rise of 5G, the volume of traffic and data will grow dramatically, and even the best security approaches in widespread use today will become overwhelmed. And IoT is not yet using even today’s best security approaches.

Digitization brings new complexity and threats to security

One group in the SOHO market has had a particularly intense increase in digitization. This is the medical niche, including doctor’s offices, clinics, and hospitals. In medical environments, DoS (Denial of Service) and other forms of intentional or unintentional disruption can have life-threatening consequences in addition to the financial impacts of data exfiltration.

This evolution from the PC to IoT has produced profound improvements in productivity, ease, and quality of life. But it has also greatly enlarged the attack surface and extent of possible damage from cyberattacks. The increase in the attack surface has not gone undetected by criminals.


Latest Updates

Subscribe to our YouTube Channel