How the IoT boom has left businesses open to cyber attacks

We live in a world where the only constant is change. The brightest minds in the technology industry continue to innovate at such a rapid pace that our once outlandish predictions for the future, including the rise of technologies such as Artificial Intelligence (AI) and Virtual Reality (VR), are no longer far-fetched, but are a growing reality. One of these is, of course, the Internet of Things (IoT), an innovation that has become so popular that last year 18 per cent of UK homes installed internet-connected smart devices, and a further 34 per cent plan to do so in the near future.

However, IoT technology is not just limited to the home. Networked technologies, such as modern IP cameras designed to replace traditional analogue CCTV solutions, are beginning to revolutionise the business landscape too. An obvious example of this comes from the retail sector, where traditional CCTV technology has been used for security purposes to mitigate shrinkage. While, of course, still a major issue for retailers, this technology has since shifted to networked IP cameras allowing retail stores to do so much more by utilising real-time video data to increase intelligence around the business.

Being able to monitor video footage in real-time has meant retailers can identify, for example, large queues at the check-outs and open new tills to ease the congestion. Store operators can also identify that a customer has been dwelling next to a certain product for a sustained period, and advise a member of staff to offer guidance on a purchase. While the switch to IP cameras brings exciting new opportunities, there are potential drawbacks. If this technology has not been installed correctly, it could create a backdoor into the IT network.

The cybersecurity of networked devices is top of the agenda, not only for security and IT staff, but also at a boardroom level. With the General Data Protection Regulation (GDPR) due to become enforceable in May 2018, it is imperative that all organisations review their cybersecurity processes to avoid the risk of fines of up to €20 million, or 4 per cent of a company’s annual turnover, whichever is greater. The manner in which an IoT device is deployed is key to its security and, if not installed with security in mind, can leave organisations wide open to cyber-attacks.

The problem is that often little thought is given to the security of devices being connected to a network, with the focus on the business benefits the technology will provide. What has become clear after many years of consistent news headlines detailing the latest security breaches, is that any untested device may be a potential avenue for hackers to target a network. This could be anything from an employee simply plugging in a USB stick, to an untested IoT device.

To mitigate such threats, manufacturers must work together as a cohesive unit. Where security specialists once dealt with the entire procurement and installation process, this must now become more collaborative. Manufacturers and vendors must also follow a ‘secure by design’ and a ‘privacy by design’ product development ethos..

This is crucial to any IoT technology deployment today. While physical security technology has been designed to protect companies from physical threats, the risk of cyber-attack is one that cannot be underestimated in today’s online world. Cybersecurity must become a boardroom level issue across all sectors; and a vital component of the business process rather than a mere afterthought.

A truly secure business, that can effectively protect the data it stores and generates, requires collaboration and technology that is secure from the outset. For more tips on how the ensure the security of IoT technology, download this Hardening Guide

Check Also

Next-Generation Technology and the Future of Risk Management

Ryan Swann, Founder at Risk Smart breaks down why a proactive approach to risk management …