ISACA Journal Author Blog

ISACA > Journal > Practically Speaking Blog > Posts > Staying Secure in the IoT

Staying Secure in the IoT

Marcelo Hector Gonzalez, CISA, CRISC, and Jana Djurica
| Published: 3/30/2015 3:22 PM | Category: Security | Permalink | Email this Post | Comments (0)

The Internet of Things (IoT) is changing how people and technology interact. With billions of devices projected to be connected in the near future, the opportunity to be innovative is amazing.

In recent months, there have been several publications discussing the IoT, with many articles in favor of it and many against it. On one hand, it is said that all things should be connected:  refrigerators, coffee machines, wearables, microwaves, umbrellas, fitness bands and drones. On the other hand, there is an opinion that this trend needs to be stopped, regulated or banned by government organizations because of security and privacy concerns. For example, the US Federal Trade Commission (FTC) publicly raised concerns about the security risk associated with the rising number of interconnected systems and devices.

But this is just the tip of the iceberg. Things are becoming even more connected. In fact, there is a flood of appliances that could potentially be or already are connected—without even giving a second thought as to whether or not these connection are necessary.

When we were writing our recent Journal article, we had a discussion about IoT that got us thinking that if our lives were controlled, monitored and directed by the devices that are around us, we may lose all sense of privacy and self-determination. We believe that this discussion will get deeper and deeper with the emergence and development of new IoT products.

But the future is now, and every day, new devices are connected. These devices are supposed to help improve the quality of life and they are making tasks for us, sharing information around the world and taking on a life of their own. But what about the security threats that they could produce?

Our recent Journal article describes the opportunities that the IoT could create and the challenges and risk associated with it. Every day the risk associated with the IoT increases; as technology advances faster and faster, so does the risk. When we wrote our Journal article, we could not anticipate IoT-related technology that is now on the market, just as we could not anticipate all of the new risk introduced from the time of writing this blog post to now. The IoT is becoming the next front for privacy litigation.

One of the most important concerns is the data security for Internet-connected devices. Security in the IoT is more important now than ever because of the amazing amount of new devices that are in use every day.

A holistic security management strategy has to be used with the IoT. A preventive security approach that considers the possible values new technology could create (while keeping in mind the risk that it could introduce) is the best way to maximize the benefits of the IoT.

Read Marcelo Hector Gonzalez and Jana Djurica’s recent Journal article:
Internet of Things Offers Great Opportunities and Much Risk,” ISACA Journal, volume 2, 2015.


There are no comments yet for this post.