IoT and cybersecurity

Cyber security is an area every business should be concerned about. Unfortunately, the number of companies with a plan to address this threat are woefully inadequate. Do companies not recognise the seriousness? Are companies taking the approach that it won’t happen to them? It’s a bit of all of these.

The biggest problem is most companies believe their limited protection will save them. This isn’t a strategy, it’s a formula for disaster. How to eat this elephant, one bite at a time. First start with a policy. A policy won’t protect you, but it will put teeth behind your recognition of the seriousness of the problem. What to do if a computer is infected, what to do if a suspicious email comes in, who are the point (s) of contact? This is the basis needed to start your plan, says Joseph Zulick a writer and manager at MRO Electric and Supply.

Some people think only big companies need to address the hazard, not so. Many of these risks are just broad risks that infect and are past on like the common cold. Identify the hazards. Phishing, Ransomware, Malware, Bots, spam, pop ups, etc. Education of your employees is the next step. Everyone should be trained to recognise and assess the hazards.

Much like a fire drill, you need to make sure everyone understands what to do. It’s even necessary to do a risk assessment that incorporates sending bogus emails that look suspicious to determine where the employees are on their awareness and then a reassessment periodically to make sure personnel are not being lulled into a false security.

It typically only takes one person to open a fraudulent email to create a problem inside your protective cocoon of any firewall protection you have. This is also why in these hazardous days most IT professionals are Leary of the Internet of Things (IoT). IoT can be risky if not done properly. Software that protects and keeps up with the latest risks is a must. The worst thing you can do is believe you’re impervious to these malicious attacks. Don’t bury your head in the sand and think that you won’t have it happen.

I know many people have the belief that they don’t want IoT because it opens up a hole in your system. The top systems address this hazard using compilers that really don’t have any direct data or expose the key elements to the outside systems. Nothing is perfect, so addressing the risks as they come up is important. Remember the day you could use a passcode 1,2,3,4 and felt fairly safe? Now most systems require a sophisticated password, partially because of the faster processors used to have the system. Many are going to the 2 part system requiring a confirmation from a trusted device or contact. Others are locking you out after 2-5 failures.

More systems use a reverse code to prove to you that you are on their actual site. Sometimes these will be a certain picture and a certain word so you know you are on the correct site. This is due to bogus emails with duplicate sites that look, feel and mimic the real site to get you to expose your info.

Awareness needs to be addressed since it can be the most effective safety for social piranhas who attempt to gain information through social interaction. Unfortunately the younger generation is far more likely to feel comfortable interacting online and sharing details that can be exploited later.

Identity theft we hear of is mainly in the financial pages but criminals use this data far more extensively to gain info used from drivers licenses, medical coverage, and just simple aliases that can be used to gain access in companies and services. Information is power and making employees aware of how information is used in criminal manners. The bigger the company the more risk but don’t take this to mean criminals don’t see a benefit in an easy mark.

Small companies have limited resources and many times don’t perform necessary safety updates that are important company wide. This makes them an easy target for even low level hackers. Outdated software is a significant risk. Patches that look for malware, or scams are outdated. This causes an open portal with continuous monitoring. Iot must keep pace in this area. It can feel like you’ve done everything and in a few days without critical security updates it can all go away. You have to also be aware of third party cybersecurity. If companies who do your billing or perform outsourced tasks this can be the weakness despite your best efforts. How many of us have received a notification of a data breach?

The author is Joseph Zulick, writer and manager at MRO Electric and Supply.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow


9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

How can IoT optimise the bearing supply chain?

Posted on: September 24, 2021

In 2020, stock management issues were estimated to cost UK manufacturers 66 billion GBP  because of disruption caused by the pandemic. Consequently, the quest to improve efficiency, cut waste and enhance supply chain operations is one that suppliers know all too well. Here Chris Johnson, managing director at miniature bearings specialist SMB Bearings, explains how the Internet of Things

Read more

Guardara uncovers key zero day vulnerability in IoT message broker software

Posted on: September 24, 2021

Developer-focused code security specialist Guardara announces it has uncovered a Zero Day Vulnerability in open source software from EMQ, the provider of open source software for IoT devices. The vulnerability, which was uncovered by a non-security expert using Guardara’s powerful testing tool, could have significant implications for connected IoT devices depending on NanoMQ.

Read more