Cars, baby monitors, lightbulbs, fridges, smart meters, tram systems, traffic lights – if it’s an IoT product category, it’s been hacked.
That’s according to Duncan Brown, research director, European Security Practice at IDC.
“There is no IoT device category out there that has not been hacked,” Brown told PCR.
“Most consumer-focused products are being developed quickly and rushed into market without much consideration for security. This is an attribute of an early stage market, and security is currently an afterthought.”
Brown revealed that as the market scales and matures, security will be increasingly added into products, much in the same way as cars have added safety features into their basic specs.
When it comes to businesses, the potential impact of having a critical infrastructure system being hacked is substantial, meaning most systems have security built in. Many of the systems, though, were never designed to be connected to the internet and are now exposed to new threats.
“In these cases, security needs to be retrofitted, but this can be complex and expensive,” warns Brown.
As the IoT security threat becomes more prevalent, and right now the products themselves aren’t providing as much security as the experts are asking for, how is selling security changing?
“Security used to be sold as an optional add-on, purchased in the same way that people buy insurance for consumer appliances,” Brown said. “Today, it is increasingly being integrated as a core component within other solutions, or even the starting point for some companies as they seek to re-architect their IT infrastructure.
“Security is increasingly less about discrete products such as antivirus. Security is now being embedded into other solutions, such as online cloud file sharing services. Consumers are more likely to buy security features if they are integrated and embedded in other online products or services,” he concluded.
Throughout November, PCR is running a dedicated Sector Spotlight on Security – Click the logo below for more articles