(Image Credit: iStockPhoto/kizilkayaphotos)
Telecommunication companies, vendors, and IT firms have joined forces to create the IoT Cybersecurity Alliance to strengthen protections for connected devices against rising threats.
Leading the alliance is US telecom giant AT&T, which reports a dramatic 3,198% increase in attackers scanning for vulnerabilities in IoT devices over the past three years.
Where large numbers of devices exist, attackers will follow. A common misconception is that one operating system is inherently less secure than another; in many cases, attackers target the most widely deployed devices and platforms simply because they offer the broadest payoff.
“The explosive growth in the number of IoT devices is expected to continue, and so must the associated cybersecurity protections,” said Mo Katibeh, AT&T senior vice president of Advanced Solutions. “Today’s businesses connect everything from factory robots to pacemakers and home appliances. Protecting these organizations requires innovation across the entire IoT ecosystem to enable sustainable growth.”
As Katibeh notes, the expansion of IoT devices is significant and set to accelerate. Analysts such as Gartner have highlighted rapid adoption across industries. Last year’s Mirai botnet attacks exploited insecure IoT devices to launch some of the largest DDoS assaults in history, causing major disruption that businesses and consumers cannot afford to repeat.
The IoT Cybersecurity Alliance has established several core objectives:
-
Collaborate on research into IoT security challenges across verticals and use cases—such as connected vehicles, industrial systems, smart cities, and healthcare. The alliance will analyze real-world use cases and business challenges to advance security practices and identify ways to implement protection across the value chain.
-
Address security problems at every critical layer, including the endpoint, connectivity, cloud, and data/application layers. The alliance brings together experts covering each layer to educate organizations and consumers on protecting their connections.
-
Make security accessible across the ecosystem. Effective protection must be embedded across the value chain so that users benefit from IoT services and infrastructures capable of withstanding an evolving threat landscape.
-
Influence security standards and policy. Leveraging the leadership and expertise of alliance members will raise awareness of cybersecurity challenges, foster ongoing engagement with policymakers, and help organizations balance the benefits of IoT with appropriate safeguards. By educating stakeholders, the alliance aims to help industry maximize IoT advantages while improving protection for companies and consumers.
Members of the alliance emphasize that effective IoT security requires protection at the device endpoint, across networks, in the cloud, and within applications, combined with broad threat analytics to monitor the ecosystem and design products with built-in, continuous security.
“Whether it’s a connected car, a pacemaker, or a coffee maker, every connected device is a potential entry point for cyberattacks,” said AT&T Chief Security Officer Bill O’Hern. “Each device demands different security considerations. It’s essential for industry leaders and innovators to work together to develop more holistic security approaches for IoT.”
Companies joining AT&T in the IoT Cybersecurity Alliance include Nokia, IBM, Palo Alto Networks, Symantec, and Trustonic. According to industry research, managed security service providers are expected to see substantial revenue growth in the coming years, which underscores both the market need and commercial opportunity for stronger IoT security solutions.
What are your thoughts on the IoT Cybersecurity Alliance? Share your views in the comments.