1. and the
Internet of Things
by: Daren Dunkel, Account Manager
Intel Security (formerly McAfee)
The Internet of Things (IoT) will represent a tectonic shift in the way computing
is done. A megatrend if you will, that impacts high technology and society in
general. This is the consensus of two industry veterans with a combined 28 years
of technology experience.
IoT was recently defined as “a concept in which electronic devices and everyday
objects -- such as refrigerators, thermostats, or light bulbs -- are connected to
the Internet and each other through a handful of methods such as Bluetooth and
Wi-Fi.” (CNET)
Various industry statistics underscore significant growth trends:
• A few months ago, Intel’s worldwide chief technology officer for security,
Michael Fey, said, “Security needs to be built in as the foundation of the
Internet of Things. Any disruption to these IP connected devices can cause
damage to the business and our daily lives. We need to have foresight into
what is coming so we can prevent against threats and securely manage these
devices.”
• According to International Data Corporation (IDC), by 2020 the entire
Internet of Things market is expected to grow to $8.9 trillion.
(IDC document #243661)
• Gartner expects 26 billion connected things by 2020.
(http://www.gartner.com/newsroom/id/2636073)
• Right now, 70% of the most popular IoT devices on the market contain major
vulnerabilities. (July 2014 HP study)
I interviewed Intel Security (formerly McAfee) executives Craig Parrish (VP of Inside
Sales - the Americas) and Brian Kenyon (Chief Technical Strategist) in August 2014
for their views on the impact of IoT today and into the future.
20 United States Cybersecurity Magazine
2. 1. Based on your industry experience
and major trends you have seen
throughout your careers, where
does IoT stack up?
2. What would you advise readers
to be aware of over of the next
12-24 months?
CP: It has the potential to be the biggest
trend I’ve seen in my career. When IoT devices
start to infiltrate the medical field
they could have the same impact
as when technology infiltrated
photography. Think of how much
that has progressed over the last ten
years and how much easier it is to
take and share a picture now.
CP: The two things you have to have with
IoT are identity and trust. All this data will be
housed in clouds somewhere.
You have to be able to trust “you
are who you say you are”, that
the data is yours; you are really
signing into these accounts and
using these things. For these two
things to work you have to do it
with security.
BK: I don’t think it really has a peer in the computer
world; it’s more of a parallel to the industrial revolution.
Even the PC revolution wasn’t as big. IoT will be part
of everything we do moving forward. An example is
mass producing, when you think of widgets or anything
on an assembly line, it costs an estimated additional 30
cents to add Bluetooth or some sort of connectivity to
these devices. Go walk through a Best Buy and try to
find something that isn’t connected or doesn’t have an
option (whether you want it or not) to be connected via
Bluetooth or Wi-Fi. It’s embedded in everything today.
BK: People have to start taking a proactive stance about
their digital footprint. We’ve long been taught how to be
safe in a non-digital world. To avoid certain streets, don’t
talk to strangers etc. The same thing has to be true in the
digital world. You have to be aware of who has access to
your information. You are reachable now via numerous
devices and in real time. Starbucks has an app where
location services on your phone will tip off if you are within
a certain radius of one of their stores. They send a push
notification to your phone saying if you stop in right now
you’ll get 15% off a coffee. As data is fed more and more
data points and essentially becomes “smarter” vendors
will know what you like to order and how to gear more
detailed promotions towards what you like. The point is
Starbucks has to know your location, that you are close
to a store, and that you like certain products for their
marketing to work. A lot of people, without even realizing
it, are connected via smart phones and now wearables to
everything and everyone around them. You have to be
aware that we are in a proactive digital world.
SHOP
21United States Cybersecurity Magazine
3. In closing, the IoT offers incredible opportunities for business and society, as well
as threats and vulnerabilities on a massive scale. One key is the ability for the
technology industry to engineer security into the fabric, or frontend of this new
era of connectivity. The IoT gives security the opportunity to truly be built in from
the beginning and be part of the design process for the first time in the history of
computing. For all of this to work, it will have to be secure.
3. How crucial is security in the age
of the IoT? CP: None of this works if it isn’t secure. It all
comes to a screeching halt if people don’t
have trust. People developing these
products aren’t generally security
oriented. Security needs to be built in
at the onset. That’s a shift that everyone
has to understand. In order for this
to really work it has to be secure. An
example everyone has heard of is the
Target breach. Imagine that impact on a
company that’s just starting up or doesn’t
have the ability to rebound financially
like Target can. One breach and they
are done; out of business and everyone
in that company is out of a job.
BK: Security is paramount. Two things we have to
do differently. The way we architected security for
the PC world won’t work here. Nobody is going
to go buy security for their smart watch or smart
device after the fact. An example is the Apple store
sells an Adidas soccer ball and it tells you how hard
you kicked it, where it went, the velocity etc. and
it all syncs to your iPhone. If security isn’t baked
into hardware it’s not going to be added on after
the fact. Nobody is going to go out of their way to
secure a soccer ball.
The other side is “sensor data” feeding analytics or
some sensor point in the cloud. There is a security
obligation to the data we are collecting as well.
Daren Dunkel graduated from Oklahoma
State University, (2014) with a business
degree in Management Information Systems
and a certification in Information Assurance
(IA), from the National Security Agency
(NSA). He is a sales professional with Intel
Security (formerly McAfee), specializing in
Cybersecurity solutions and countermeasures
for the commercial business market sector
in Northern California and Nevada. Daren
works in the domestic sales operation center
in Dallas, Texas.
22 United States Cybersecurity Magazine