Analysts are predicting more than 20 billion IoT devices online by 2020. Virtually every aspect of our lives will be connected–and made “smart.” All that connectivity will make things more convenient, but with that comes greater risk and points of vulnerability.
Add to that, in the rush to get devices out the door and online before the train leaves the station, many vendors are not thinking about the security implications. In Europe, the European Union for Network and Information Security Agency (ENISA) is working with public and private sector to create policy framework specifically focused on IoT security.
Some of the considerations:
- One size does not fit all. Security requirements will need to be tailored to different sectors and industries to ensure realistic and attainable measures that do the job but do not impede the economies around manufacturing and selling devices.
- Code will not be immune to guidelines. To allow more control and checks on the software development process, code will be more closely examined in the effort to make devices secure.
- Devices will have each other’s backs. Protocols around devices connecting to one another could be governed by cryptographic keys that the connecting machines read to make sure there’s no evidence of hacking.