A pan-European response to cybercrime is critical

Cybercrime has become a well-financed global industry. Cybercriminals are very resourceful: they are increasingly operating as syndicates, conducting research and buying services from each other. In addition, says technology writer Bob Emmerson, threat surfaces are growing in line with the billions of connected users and devices.

So, what is the IoT industry’s response?

There is no silver bullet and there is a demand issue. More security experts are needed; expertise needs to be aggregated, to be readily available and ideally it should be shared. On a more positive note, the combined resources of the industry are much bigger than those of the criminal fraternity.

They will be needed to address today’s biggest security issue, which is the advanced persistent threat (APT). We can expect to see security analytics being deployed on a massive scale, allowing the network activity in virtually all devices to be recorded and stored. This will enable real time APT detection and mitigation, as well as forensic analysis.

Meanwhile a new report from PwC, titled “Cyber security: European merging market leaders”, highlights the growing demand for pan-European providers who have the breadth and depth of security expertise to solve complex cyber security challenges and to be able to deploy their expertise in a consistent manner across geographies. This is not something that can be realised in a short timeframe. It has to come from established MMS (Managed Security Service) vendors who have a solid track record.

Service providers such as NTT, NCC Group and SecureLink are early European frontrunners. They appear to be well positioned to be able to meet current customer needs. Last year SecureLink bought Coresec and Nebulas and their latest acquisition, IT-Cube, allows the company to operate in Benelux, DACH (Germany, Austria and Switzerland), the UK and the Nordics.

Bob Emmerson, freelance writer and IoT industry observer

Secure Link’s Cyber ​​Defense Centre provides round-the-clock services from five locations. They include proactive prevention, detection, analysis and responding to cyber-related attacks on internal and external infrastructures and applications. The company is staffed by more than 550 security specialists.

Cyber security: the elephant in the boardroom

The NCC Group sees cyber security as being the greatest threat to modern business. They point out that headlines appear almost every week in the mainstream press about a company being hacked, or experts claiming the cost of cyber crime to the global economy is either billions or trillions. And yet most businesses do not to truly understand the risk they are running.

Boards educate themselves in areas such as health and safety, but seem to assume that cyber threats should be a risk owned by someone with a technical skillset. However, it becomes clear that ignorance of the risk amounts to negligence on behalf of the board. Cyber security is the elephant in the boardroom.

Legislation

Although the UK’s Information Commissioner’s Office investigates data protection cases, it doesn’t have the resources or power to motivate organisations into making cyber security a board-level issue that is afforded the right level of attention and investment.

However, the General Data Protection Regulation (GDPR) from the European Union (EU) is due to come into force in May 2018 which enforces stricter rules in terms of data protection on companies operating within and trading with the EU. These include significantly larger fines for data breaches (up to 4% of global turnover) and other features including mandatory breach notification.

Although the UK’s long-term relationship with the EU is currently unclear, research conducted by ComRes on behalf of the NCC Group indicates that the UK will have to adopt GDPR or at least develop its own equivalent legislation. With this on the horizon, the research found that a somewhat surprising number of board directors want greater penalties for companies that fall down on security.

Conclusion

Security is a moving target, so it is advisable to have an independent certified security firm perform remote vulnerability assessments at regular intervals, or when there is a major change in the infrastructure and the environment.

Robert Andres of Eurotech

That advice comes from Eurotech. Robert Andres, the company’s chief strategy officer: “When the security bar goes up, when new threats emerge, so too does our response and that of the industry. Cybercriminals can take advantage of the huge opportunity that comes from billions of connected users and devices.

But through applying IT security best practices, architectures that have a focus on security from day one, by employing analytics and other security relevant technologies in the edge and the cloud, also IIoT infrastructures can be successfully secured and defended.”

The author of this blog is freelance IoT and communications writer and observer, Bob Emmerson

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Nozomi Networks and Tripwire announce strategic partnership

Posted on: September 17, 2021

Nozomi Networks Inc., the provider of OT and IoT security, and Tripwire, a global provider of security and compliance solutions for enterprises and industrial organisations, announced they have partnered to help organisations lower cyber risk with consistent security controls that span their IT, OT and IoT environments.

Read more

RightIndem deploys enterprise-grade conversational AI to simplify customer claims process

Posted on: September 17, 2021

RightIndem, an global insurance technology company, has worked with Bristol-based Amdaris to simplify its customer onboarding process via developing enterprise-grade conversational Artificial Intelligence experiences.

Read more