Security is critical to the success or failure of the Internet of Things (IoT) vision. Critical flaws at the heart of the internet, such as the Heartbleed bug, have highlighted engineering fallibility. The successful attacks in industrial applications, such as Stuxnet, have highlighted hidden aspects of cyber warfare. In addition, attacks on consumer IoT devices such as smart home devices – connected lighting and connected baby monitors, for example – have emphasised the broad capability of attacks and their immediate impact on consumers’ fear.
As the Internet of Things vision becomes the driving paradigm for changes in society and in economic activities, increasingly, the vulnerability present in that change requires attention. Facing that vulnerability through a strategic and multidisciplinary approach for IoT security is not an easy task for the community of cybersecurity experts, IoT experts and policy makers and ethicists.
Cybersecurity is an engineering and scientific area of great complexity, but, with an extraordinary impact on governments, consumers and businesses. Therefore, building a bridge between cybersecurity experts and organisations and individuals vulnerable to attacks is necessary. This Insight Report discusses IoT security in the smart home as a consumer IoT context, in the industrial internet as an intensive enterprise IoT context; and in the smart city as a government-led context.
The Insight is structured in five sections. The first section will introduce the main concepts and challenges in providing security for the IoT. The next four sections will discuss approaches to security in smart homes, industrial internet and smart cities. The last section will provide some concluding remarks.