Current technological breakthroughs offer us plenty of applications that makes life easy and efficient. IoT is one such development which is transforming the world by connecting millions of devices and sensors to deliver huge volumes of data creating a cognitive single data touch point.
Shanghai, the world’s most populous city which has deployed IoT to manage and sustain its rapid growth by adopting demand response system which notifies commercial electricity users to temporarily reduce their consumption when energy demand is peaking and rewards them if they comply.
However, such massive infrastructure is constantly under threat from intruders waiting to extract the sensitive and private details of every user including businesses.
According to Infoholic Research the IoT security market in Asia Pacific is expected to grow at a CAGR of 38.4% during the forecast period 2017–2023 to touch an aggregate of $12.77 billion by 2023.
The security challenges
With Asia becoming the face of digital innovation in the world driven by its ability to be a manufacturing hub with countries like India and China, will make Asia-Pacific IoT security a major market.
The IoT security in the region grabbed the attention when Singapore based StarHub’s services went down. To further safeguard their network and customers from cyber-attacks the company scheduled home visits to customers whose internet-connected devices were accessed without their knowledge during DDoS attacks on their home broadband domain name servers (DNS).
As more IoT devices installed in the market the risk of security breach is go up. It also pushes insecure devices in the market which becomes very difficult to fix. It is a given that this lack of security is going to continue for a foreseeable future and the number of IoT attacks are only going to increase.
Security flaws are witnessed across IoT deployments with close to 80% of organizations in Asia Pacific experiencing some breach related to IoT security at some point of the time making it the maximum in the world. As a result, many industry experts state that a holistic IoT security strategy which is built on a strong network access control and policy management needs to be framed to protect enterprises.
If businesses do not take immediate steps to gain visibility and profile the IoT activities within their offices, they run the risk of exposure to potentially malicious activities,” said Chris Kozup, Vice President of Marketing at Aruba.
“As the quantities and variety of IoT devices will eventually surpass computers and mobile phones, we will see greater security incidents, and hackers leveraging unique capabilities of devices for their financial gain,” added Tim Liu, CTO, Hillstone Networks.
Role of manufactures and their deployment cycles
There is a need for IoT manufacturers to be more watch full about securing their devices which will help to minimize risks. The vendors should proactively sell smart devices and equipment by implementing security-focused development cycles. Further industrial IoT users must simulate the attack to determine different scenarios and protect points of failure.
David Siah, Country Manager, Singapore, Trend Micro said, “An industrial plant’s network defense technology must, for instance, be able to detect and drop malicious network packets via network intrusion prevention systems”.
Researchers from Fortinet’s cyber security intelligence arm are of the option that in case IoT manufacturers are not able to secure their devices, there is a good chance that consumers might hesitate to buy their devices out of cybersecurity fears, which will have a devastating impact on the digital economy.
Full proof authentication and ‘Device Certification’
Lack of proper regulations and accountability related IoT device vendors leads to the high probability of security gaps which cyber criminals readily exploit. There is need to authenticate IoT devices and encrypt data transmitted throughout IoT systems and build an internal IoT security networks which will protect and monitor all the devices.
This mutual authentication will help to ensure that devices will accept commands only from authorized systems. It will minimize pitfalls hackers try to exercise using unauthorized control of devices like medical equipment and smart city infrastructure.
Key players in APAC IoT security
IoT security in APAC will be a game for many players. Most of the market is currently acquired by few large security players such as Cisco, McAfee, IBM, Oracle, Symantec Corp., FireEye, and Gemalto.
The market will witness a gigantic competition in the next 3–5 years as a lot of SMEs are inflowing into the market with strong portfolio, challenging the big security players. Mergers & acquisition will also play a major role as small companies are turning into targets by cyber security organization
The way forward
The new way of thinking among IT departments is that security of the things is even more important than security of the data when coining an IoT strategy. The IT departments are selecting a technology partner, who has a track record of IoT security. They are going a step further by hiring separate independent IoT hackers by giving them incentives only to find out system’s vulnerabilities.
Considering all the concerns with regards to IoT, enterprises must include it in their strategies for the future, as IoT offers a huge horizon of opportunity which cannot be ignored because of security concerns.
The start-ups in ANZ are creating awareness to promote secure practices in the IoT ecosystem. The South Korean government also is making huge investments to make the country safe & secure.
“With foresight into these current trends, practical planning, and persistence implementation, one can move the organization’s vision for IoT forward with confidence in your security practices,” advised Ixia’s Naveen Bhat.