By Argha Bose, Head Cyber Security and Risk Business, TATA Advanced Systems Limited- Cyber Security Practice
Security risks in the world of IoT or the Internet of Things are constantly on the rise with the growth in its popularity. Although IoT has provided businesses with opportunities to create more value and improve efficiencies, the continual connectivity (along with constant information sharing) has provided adversaries with options to compromise the integrity and confidentiality of sensitive data. Consequently, the risks have grown significantly.
There is a broad range of smart devices available nowadays, which are being widely used by individuals in every business vertical. These connected devices include Alexa-enabled digital assistants, smartwatches/fitness bands, smart bulbs, etc. While, if we talk about IoT technology on the industrial level, multiple organizations had already incorporated IIoT and are reaping its benefits. For instance, Magna Steyr, an Austrian automotive manufacturer, is using the concept of smart factories to offer production flexibility. Also, ABB, a power and robotics firm, is utilizing connected, low-cost sensors to observe the maintenance of its robots to timely repair parts before they go down.
I believe that the adoption of IoT & IIoT will keep increasing with time. It is expected that the total number of IoT devices globally will reach 30.9 billion by 2025 (Source: Statista), while the global IIoT market is projected to reach USD 1.1 trillion by 2028 (Source: Grand View Research). Hence, it becomes important for us to step up and understand the security challenges of IoT technology so that the defence can be strengthened.
IoT: Things of Benefit for Threat Actors
Cyber attacks are not new to IoT, the difference is that they are becoming complex than before along with the increasing IT threat landscape. Threats actors view connected devices as an extremely valuable asset because of several reasons, including:
• Interoperability Issue: Industrial IoT (IIoT) environments usually include numerous devices, software, hardware and legacy equipment, which were primarily not designed to work collaboratively. This engenders a…