With Governments globally struggling to encourage business to embrace the IoT has anybody taken time to think that the name is part of the problem?
Our experience is that Cyber Security is the biggest threat to both the IoT and similarly cellular GPRS type monitoring, as they both depend highly upon the internet. Factually, not a day passes without millions if not billions of attempts to hack, infiltrate and deny service taking place. The problem is the source of the attacks is global, not just driven by humans behind keyboards but potentially emanating from millions of machines “robots” connected to the internet.
Apparently the number of reported cases that hit the media is tiny as the problem is like a rapidly growing iceberg that causes embarrassment and loss of business confidence so it is hidden. Similarly there are countless cases of blackmail that take place on the “dark side” of the internet, again further undermining confidence.
So is the IoT a lost cause? Certainly for mission critical applications as we are already receiving tenders that specifically preclude the use of any technology that connects to the Internet, the IoT, WiFi or the use of the public cellular networks in particular GPRS and 4G as all rely on the internet at some point for connectivity.
Our message is simple if the data is valuable to your business then think hard. If your data getting into third party hands has dire consequences then think harder still. Think even harder if there is a control function where a cyber attacker would delight in turning off the lights or opening the flood gates! Finally, if time is of the essence and loss of service can lead to damage then the IoT is not for you.
However, if your application is not time critical, the data is of little commercial value, there is no control function involved and the leakage or manipulation of your data has no consequence then the IoT may be the ideal route for you and your business! Further there are ways to de-value data. Data such as meter reading has value in its time of read for example as it provides a signature of if somebody is at home or not. Why not introduce a random delay in the data at source, then it has lost its value to the thief.
The opinions expressed above are based upon a combination of both life experiences and hearsay gathered from decades of working in the remote monitoring, AMR and control industry across a wide number of sectors. For reasons of security sources or industry sectors are not disclosed.
The authors would be happy to accept equally supporting data or challenges to these observations for inclusion in any sequels to this document.