STUDY: INTERNET OF THINGS SECURITY BREACHES LARGELY AVOIDABLE

September 15, 2016

 

By Ernie Smith

Think the era of the Internet of Things (IoT) is problematic from a security perspective?

It might be, but those security problems aren’t all that different from the ones you’re already working through at your organization in other contexts.

That’s the take of the Online Trust Alliance, which argues that security issues posed by wearable devices and other connected tools are often avoidable with traditional  strategies.

“In this rush to bring connected devices to market, security and privacy [are] often being overlooked,” OTA President and Executive Director Craig Spiezle said in a news release. “If businesses do not make a systemic change, we risk seeing the weaponization of these devices and an erosion of consumer confidence impacting the IoT industry on a whole due to their security and privacy shortcomings.”

OTA, which began working on an IoT Trust Framework last year, conducted research on security incidents involving connected devices, analyzed whether relying on the framework would have prevented a security incident, and then combined research to inform its point of view on the issue, which it revealed this week as part of its “IoT Trust Framework Resource Guide.”

Among the issues that OTA found common with IoT security breaches were poor credential management, a lack of security testing, a lack of transparency around data collection, and a lack of planning for addressing vulnerabilities.

“Security starts from product development through launch and beyond, but during our observations we found that an alarming number of IoT devices failed to anticipate the need of ongoing product support,” Spiezle said.

The group developed its IoT Trust Framework, released in March, with the help of a number of major companies, including Microsoft, ADT, and American Greetings, along with the National Association of Realtors.

 

 

It might be, but those security problems aren’t all that different from the ones you’re already working through at your organization in other contexts.

That’s the take of the Online Trust Alliance, which argues that security issues posed by wearable devices and other connected tools are often avoidable with traditional  strategies.

“In this rush to bring connected devices to market, security and privacy [are] often being overlooked,” OTA President and Executive Director Craig Spiezle said in a news release. “If businesses do not make a systemic change, we risk seeing the weaponization of these devices and an erosion of consumer confidence impacting the IoT industry on a whole due to their security and privacy shortcomings.”

OTA, which began working on an IoT Trust Framework last year, conducted research on security incidents involving connected devices, analyzed whether relying on the framework would have prevented a security incident, and then combined research to inform its point of view on the issue, which it revealed this week as part of its “IoT Trust Framework Resource Guide.”

Among the issues that OTA found common with IoT security breaches were poor credential management, a lack of security testing, a lack of transparency around data collection, and a lack of planning for addressing vulnerabilities.

“Security starts from product development through launch and beyond, but during our observations we found that an alarming number of IoT devices failed to anticipate the need of ongoing product support,” Spiezle said.

The group developed its IoT Trust Framework, released in March, with the help of a number of major companies, including Microsoft, ADT, and American Greetings, along with the National Association of Realtors.

Image: (iStock/Thinkstock)

http://associationsnow.com/2016/09/study-internet-things-security-breaches-largely-avoidable/

BY 

Previous Article
internet of things – The Smart Home Of Tomorrow [INFOGRAPHIC]
internet of things – The Smart Home Of Tomorrow [INFOGRAPHIC]

Next Article
Five IIoT companies prove value of internet-connected manufacturing
Five IIoT companies prove value of internet-connected manufacturing

Security Gaps, Network Intrusions. IoT, The Unusual Suspect.

Watch the Video