The Internet of Things (IoT) is the next step in the increasingly connected world that we have seen evolving over the last few years.
While the components and concepts of what make up IoT was not new to 2017, the challenges, risks and rewards consumers and companies will see and benefit from are going to evolve rapidly as more and more companies and consumers adopt to and make IoT a part of a daily routine.
So, where should one start when joining the IoT revolution?
A good starting point, as with any venture, is to have a clearly defined policy, mapping to IoT processes and aligned to the market that we are working within.
The last thing we want to see is misaligned processes that drive an incorrect amalgamation of skills and implementations applied to select components. This will only lead to failure and, potentially, to breaches or loss of critical data. As any security executive will state, anything with an IP is susceptible to a hack. IoT devices will be connected, thus making them a point of attack or vulnerability within this ecosystem.
As a business unit head, one of the key things I always start any endeavor with from a strategic perspective, as shown below, is to understand where the business wants to go, and then look at opportunities for innovation – in this case, IoT innovation that we will need to then drive agile delivery as we move to execute functions and manage IoT consumption, within an IoT environment. Of course, as we move past the business goals and consumption need planning, we also have to ensure the most efficient and risk aware implementation of our IoT services.
But, then what? We understand the business strategy, we’ve defined our IoT policy, processes and aligned implementation, but the “then what?,” if not mapped correctly, can lead to some deployments getting focused on the wrong things, leading to delays, equipment errors, mismatched skills and communications problems.
The “then what?,” as I see it, can be a collection of the following:
- Ensuring that we have clarity of roles and responsibilities, staff buy-in in terms of their specific IoT role and collaboration with other members of an IoT ecosystem within an environment, and the assurance of staff support and growth within their respective IoT functionalities.
- Building a culture of second nature secure IoT from design. As an IoT ecosystem can contain devices from multiple manufacturers, sensors, wireless devices, network devices, cloud components, big data analytics platforms etc., we need to ensure that all IoT ecosystems have processes in place to ensure efficient data transmissions from end to end and that critical data is encrypted at collection or bundling points as we transmit.
- Driving a culture of enabling secured availability, without which we will have systematic failures that can have minimal to serious impacts on an IoT ecosystem functionality. This availability impact could be internal or external, as in the case of focused DDoS attacks.
- Looking at means and ways to drive agile development for IoT applications to be able to scale to need as IoT ecosystems expand and interconnect with other IoT ecosystems. According to Gartner, there will be nearly 20 billion devices living within the IoT by 2020.
- Focusing on a seamless customer experience across systems and devices within the IoT ecosystems by driving toward customer information continuity, from device to device and system to system within the IoT.
- Developing a data analytics platform to analyze data volumes and variety, as data is pulled from sensors, machines and other connected devices. This can be a start of a process to manage the kind of data integration challenges we currently see as a reality.
- Use a data analytics platform for predictive analytics to highlight operational challenges before
they can occur and take the appropriate steps to minimize IoT operational impact.
The IoT is still growing and morphing, introducing new challenges that are weighing on the minds of many security professionals; 74% of respondents to ISACA’s 2017 Digital Transformation Barometer research were either extremely or moderately concerned about their organizations’ ability to safeguard connected IoT devices. As new technologies come on stream, there will be new risks and threats as well as new opportunities for business transformation and growth.
The key to a successful IoT ecosystem will be to be able to maintain clearly defined agile sprints to keep pace with change and the need to scale, as well as the flexibility to seek out external resources to close internal gaps that may exist during any one phase of a living IoT ecosystem deployment.
The growth of blockchain and integrating its functionalities into IoT is also a must, given the value that can be realized from such an integration in terms of increased agility, smoother and forensically trackable transitions, and cost reductions.