Want the IoT to thrive? Prioritize security.
Earlier this month, Samsung partnered with Intel, the Information Technology Industry Council and other members of the National IoT Strategy Dialogue (NISD) to release a first-of-its-kind policy roadmap for U.S. leadership in the Internet of Things (IoT).
The release was well-timed for national Cybersecurity Awareness Month in October, as the security challenges associated with IoT are perhaps its greatest hurdle to wide-scale adoption. As SVP and General Manager of Samsung’s ARTIK IoT Platform, a secure end-to-end, IoT platform that transforms the process of building, launching, and managing IoT products, James Stansberry knows that bringing IoT to scale means tackling security challenges without dissuading adoption. Read more for his thoughts on how industry and government can work together to grow the IoT while keeping it secure:
The media is saturated with IoT stories. Is it living up to the hype?
IoT hype is usually about the latest internet-powered gadget or appliance. It’s easy to lose sight of the big picture. The IoT represents a major paradigm shift in computing and connectivity. Computers have moved from warehouses into our living rooms and now, into everyday devices. But it’s the network created by these devices and sensors working together — and the insights that they can provide as a result — that will reshape society on a scale and in ways that deserves the hype. Now, we can bring more information together with actual context, and with the addition of machine learning and AI, we will be able to use it in completely new ways. We’re already seeing the impact on smart cars, energy reduction and new healthcare solutions. These devices and sensors work best when they are not working alone, but drawing information from a network.
How does cybersecurity factor into the growth of the IoT?
The promise of the IoT is completely contingent on our ability to keep it secure. By 2020 there will be billions of connected devices generating more than 44 trillion gigabytes of data each year. Securing this data and the networks and systems it moves through will be critical to achieving the promise of the IoT. That’s why IoT security is Samsung’s number one priority. The NISD Policy Roadmap was crafted with the objective of bringing the IoT to scale — to take it to the next level — and a major part of that next step is tackling the security challenge.
What is industry’s role in securing the IoT?
The NISD Policy Roadmap’s security recommendations are very robust, and I think that reflects the seriousness and determination of the NISD working group and all the government, academic and industry experts we spoke with to make sure the U.S. gets this right. Unequivocally, security must be integrated into each and every hardware and software component of any IoT solution at the outset of development and at each step along the way, not bolted-on afterward as a nice-to-have. Prioritizing security means profound changes to the development process from both a technical and cultural standpoint, and it is an area where Samsung is taking the lead through platforms like ARTIK.
How can the government support this effort and ensure the IoT is brought to scale?
Government, industry, and academic entities must present a unified front when it comes to promoting and implementing IoT security. We need more collaboration on security, but also in other areas where consensus and agreed-upon standards would benefit everyone from developers and engineers to end users. This is why the work being done by the NISD is so important — policymakers are looking to collaborate with experts like Samsung to make sure they get it right.
For its part, though, the federal government should promote policies that tie federal funding to security standards, incentivize security innovation and prioritize cybersecurity hygiene for businesses and individuals. The government’s top priority, particularly in Congress, should be to incentivize the creation and procurement of IoT solutions that are secured end-to-end — from the smallest microcontroller at the edge of a network to the most advanced server central processing unit in the data center and all the gateways and devices in between.
How can we expand the IoT while keeping it secure?
We need more education — nationally, there is a significant and growing shortage in security skills. But it’s also awareness — companies are still learning that security failures far outweigh the cost of implementing appropriate security measures. Technology companies also need to make it easier and more affordable for companies to adopt best security practices whether they are developing a connected toy, a factory controller or a city power grid. The best way to do this would be to encourage IoT device, software, and platform providers to consider the entire end-to-end solutions their products will help build, anticipate the risks their products might introduce, and incorporate sensible security features directly into their products.
That’s the approach we took with Samsung’s ARTIK IoT platform. We built security directly into hardware components and the cloud, and we provide integrated security features that protect the entire platform — including open data exchange and cloud services. By using recognized standards and integrating security across the platform, ARTIK breaks down barriers to adopting security best practices. This is how the IoT will scale securely, and it’s the model government should encourage through good policies and industry collaboration.