IoT to transform enterprise security


By Dylan Bushell-Embling
Monday, 05 May, 2014

IoT to transform enterprise security

The rising tide of the Internet of Things (IoT) will force many organisations to expand the scope of their IT security programs, Gartner predicts.

IoT security requirements will cause chief information security officers (CISOs) to broaden their security efforts, Gartner research Vice President Earl Perkins said.

“The IoT is redrawing the lines of IT responsibilities for the enterprise,” he said. “IoT objects possess the ability to change the state of the environment around them, or even their own state; for example, by ... adjusting the flow of fluids to a patient in a hospital bed based on information about the patient’s medical records.”

But with each new identifying, sensing and communicating device added by a business, the responsibility of the security practice expands.

Perkins said IoT represents an “inflection point for security”. The changes to the governance, management and operations of security functions that will be required will dwarf those motivated by the BYOD, mobile and cloud computing trends, he said.

“Real-time, event-driven applications and nonstandard protocols will require changes to application testing, vulnerability, identity and access management (IAM) - the list goes on,” he said.

While the use cases being developed for the IoT are new, the technology that underpins them are often anything but.

“This represents an interesting challenge for CISOs when delivering secure services for the IoT,” Perkins said. “Even out-of-maintenance systems such as Windows XP may still play a critical role for some industry infrastructure as part of an IoT security system. Security planners should not throw away their old security technology manuals just yet.”

Because the IoT is a relatively new paradigm, there is no definitive guide to securing IoT available, Perkins said.

“What constitutes an IoT object is still up for argument, so securing the IoT is a ‘moving target’. However, it is possible for CISOs to establish an interim planning strategy, one that takes advantage of the ‘bottom-up’ approach available today for securing the IoT.”

Pictured: Gartner Research Vice President Earl Perkins

Related Articles

Emergency onboarding: what to do before and after a data breach

Organisations that have an emergency onboarding plan are better positioned to have their business...

Savvy directors are demanding more points of proof when cyber incidents occur

Pre-agreement on what a post-incident forensics effort should produce — and testing it out...

Cyber-attack prevention is better than a cure

Corporate and political decision-makers need to invest in areas that do a better job of...

Content from other channels on our network

The critical drive for technological innovation in emergency services

Command & Control Communications at the Heart of Utilities Worldwide

ARCIA's Sydney conference and networking dinner returns

Designing cellular antennas into small IoT products

Govt funds telco resilience tech, responds to LEOSat report

F5 reaches Australian public sector milestone

RingCentral launches AI contact centre solution in AU

Western Sydney councils' transport plan endorsed

Australian researchers launch global misinformation database

Broadcom revamps and simplifies VMware portfolio

John Holland employs asset trackers for spoil management

Embracing the Future: The imperative for digitisation and condition monitoring in industrial and mobile equipment

When does a conductor not conduct?

Purdue-created tech makes 3D microscopes easier to use

Cracking the code on spin currents

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd