IoT Security After “The Interview”

Posted on 22nd December 2014 in defense, Internet of Things, M2M, management, privacy, security, US government

Call me an alarmist, but in the wake of the “Interview” catastrophe (that’s how I see it in terms of both the First Amendment AND asymmetrical cyberwarfare), I see this as a clarion call to the #IoT industry to redouble efforts to make both security AND privacy Job #1.

Here’s the deal: if we want to enhance more and more parts of governmental, commercial, and private lives by clever IoT devices and apps to control them, then there’s an undeniable quid pro quo: we MUST make these devices and apps as secure as possible.

I remember some bright young entrepreneurs speaking at a recent wearables conference, where they apologized for not having put attention on privacy and security yet, saying they’d get to it early next year.

Nope.

Unacceptable.

Security must be built in from the beginning, and constantly upgraded as new threats emerge.  I used to be a corporate crisis manager, and one of the things that was so hard to convince left-brained, extremely rational engineers about was that just because fears were irrational didn’t mean they weren’t real — even the perception of insecure IoT devices and apps has the potential to kill the whole industry, or, as Vanity Fair‘s apocalyptic “Look Out, He’s Got a Phone” article documented, it could literally kill us. As in deader than a doornail.

This incident should have convinced us all that there are some truly evil people out there fixated on bringing us to our collective knees, and they have the tech savvy to do it, using tools such as Shodan. ‘Nuff said?

PS: Here’s what Mr. Cybersecurity, Bruce Schneier, has to say on the subject. Read carefully.

Leave a Reply

Your email address will not be published. Required fields are marked *

AlphaOmega Captcha Classica  –  Enter Security Code
     
 

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>