IoT sprawl will threaten security, warn analysts

News
14 Jan, 2016

Connected devices and sensors could occupy 20% of security budgets

The Internet of Things (IoT) will feature in more than half of new business processes and systems by 2020, according to research by Gartner.

The analyst house noted that, as the cost of embedding sensors into physical items and connecting them to other things continues to drop, the impact on the lives of consumers and businesses is rapidly increasing.

"Uses of the IoT that were previously impractical will increasingly become practical," Roy Schulte, VP and distinguished analyst at Gartner, said.

"The IoT is relevant in virtually every industry, although not in every application. There will be no purely IoT applications. Rather, there will be many applications that leverage the IoT in some small or large aspect of their work," he added.

"As a result, business analysts and developers of information-centric processes need to have the expertise and the tools to implement IoT aspects that play a role in their systems."

It's not all rosy, however, with Gartner also predicting serious budget and security implications.

Within two years, three-quarters of IoT projects will take up to twice as long to complete as originally planned. This, Gartner said, will be caused by process and cultural changes arising from emerging business models and adapting to the introduction of new technologies.

Some companies may seek to cut corners in order to keep projects on schedule, but Gartner warned this could result in significant performance, security, and integration weaknesses that, ultimately, could result in product recalls.

This is not the only threat to security, though. Gartner also predicts that by 2020 there will be a thriving black market selling fake sensor and video data, meaning genuine data can be compromised and manipulated or replaced with false data.

"The integrity of [IoT sensor] data will be important in making personal and business decisions, from medical diagnoses to environmental protection, from commands to modify actions of machinery to identification and authorisation of physical access," said Ted Friedman, VP and distinguished analyst at Gartner.

"This scenario will spur the growth of privacy products and services, resulting in an extensive public discussion regarding the future of privacy ... and the role of technology and government in privacy protection," he added.

One of the ways this will manifest itself in business is the cost of addressing IoT security compromises. Gartner has predicted that dealing with this type of issue will take up 20 per cent of the annual security budget by 2020, an increase of 1,000 per cent compared to 2015.

Natually, Gartner predicts this is something security firms, both existing and yet to be founded, will take advantage of.

Earl Perkins, research VP at Gartner, said: "Major cybersecurity vendors and service providers are already delivering roadmaps and architecture of IoT security, in anticipation of market opportunity. Small startups delivering niche IoT security in areas such as network segmentation, device-to-device authentication and simple data encryption are offering first-generation products and services, including cloud-based solutions where applicable. 

"Large security vendors have already begun acquiring some of these IoT startups to support their early roadmaps and fill niches in their portfolios."