IoT to transform enterprise security


By Dylan Bushell-Embling
Monday, 05 May, 2014


IoT to transform enterprise security

The rising tide of the Internet of Things (IoT) will force many organisations to expand the scope of their IT security programs, Gartner predicts.

IoT security requirements will cause chief information security officers (CISOs) to broaden their security efforts, Gartner research Vice President Earl Perkins said.

“The IoT is redrawing the lines of IT responsibilities for the enterprise,” he said. “IoT objects possess the ability to change the state of the environment around them, or even their own state; for example, by ... adjusting the flow of fluids to a patient in a hospital bed based on information about the patient’s medical records.”

But with each new identifying, sensing and communicating device added by a business, the responsibility of the security practice expands.

Perkins said IoT represents an “inflection point for security”. The changes to the governance, management and operations of security functions that will be required will dwarf those motivated by the BYOD, mobile and cloud computing trends, he said.

“Real-time, event-driven applications and nonstandard protocols will require changes to application testing, vulnerability, identity and access management (IAM) - the list goes on,” he said.

While the use cases being developed for the IoT are new, the technology that underpins them are often anything but.

“This represents an interesting challenge for CISOs when delivering secure services for the IoT,” Perkins said. “Even out-of-maintenance systems such as Windows XP may still play a critical role for some industry infrastructure as part of an IoT security system. Security planners should not throw away their old security technology manuals just yet.”

Because the IoT is a relatively new paradigm, there is no definitive guide to securing IoT available, Perkins said.

“What constitutes an IoT object is still up for argument, so securing the IoT is a ‘moving target’. However, it is possible for CISOs to establish an interim planning strategy, one that takes advantage of the ‘bottom-up’ approach available today for securing the IoT.”

Pictured: Gartner Research Vice President Earl Perkins

Related Articles

Strategies for navigating Java vulnerabilities

Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...

Not all cyber risk is created equal

The key to mitigating cyber exposure lies in preventing breaches before they happen.

How AI can help businesses manage their cyber risks

Artificial intelligence can be a powerful ally in the fight against cyberthreats.


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd