There’s a lot of hype around securing the Internet of Things (IoT). At the end of the day, I suggest that a more reasoned approach is in order. Securing the IoT will not be achieved by frantic worry about the volume of endpoints. Myopic focus on the volume of devices in an IoT ecosystem can lead to an important misstep: forgetting that it’s the Internet of Things. That means that all this data is passing through the network. Therefore, tackling security can only occur with diligent attention to the core of the IoT, namely, the network stack. In that way security can become as pervasive as the IoT itself.
I recently had the privilege of participating in a panel discussion at LiveWorx’s CXO Forum on Securing the IoT. Here are two predictions with respect to the IoT and security that I shared with the audience and my co-panelists at the event:
Access and identity management will be critical in an IoT ecosystem. However, the username and password won’t be part of tomorrow’s approach: the password will die – and soon. It’s not radical to point out that passwords are insufficient on their own for authenticating access to sensitive data. I don’t think that means we’re going to go immediately to 21 levels of authentication, for example. We do need a human factor, and it can be biometric, or it can be at an endpoint. We’re familiar with straightforward biometrics such as the iPhone’s fingerprint scan, but there are also newer methodologies that track the exact way a human swipes a smartphone screen. We can leverage technologies such as this to enhance security in the IoT and its member devices.
Our industry must work together in public-private partnerships to put a stop to the proliferation of regulations – country by country or region by region – that are creating a tangled web of laws, regulations, and guidelines around security. Conflicting guidance, standards, and regulations cause confusion rather than clarity. International standards bodies and government regulators should consider removing territorial blinders and revisiting the real mission: ensuring, to the greatest extent possible, that information and communications technology (ICT) are genuine and free from compromise and will not permit control over the operations for which they are used.
While strong international standards for IoT security and new authentication methods are just two pieces of the larger puzzle that will make IoT more secure, they are essential pieces. We at Cisco are working to make inroads in both these areas. Stay tuned.
I recently attended the Strata + Hadoop World Conference in San Jose, and came away impressed with the accelerating pace of innovation in the world of Big Data. Companies and startups are innovating in every area of the Big Data value chain – from automating how data is collected, cleaned, and organized; to data governance and management; to data storage using a plethora of NoSQL database technologies; and to the numerous emerging tools for data science. Read More »
The key to retail today is customer understanding —where each customer stands on his or her personal shopping journey, whether in-store or out. Retailers must “know” each shopper as never before. And they must offer the kinds of contextual, personally relevant experiences that will optimize their merchandise mix, create faster inventory turns, and drive greater customer engagement.
After all, the typical customer today is mobile, connected, and has heightened expectations. Many are accustomed to a deeper level of real-time interaction from innovative online retailers than from traditional brick-and-mortar stores.
Yet, as a recent Cisco study revealed, offline retailers – or retailers that combine on and offline capabilities – have their own unique advantages – if they step up to the opportunities of the Internet of Everything (IoE) economy. By blending the benefits of the physical store — such as the ability to touch, compare, and try on products — with the benefits of the virtual world, retailers can create a new value proposition that can’t be matched by their online-only competitors. In the process, they not only drive their own industry’s disruption but challenge for market leadership.
Jeff Zucker of NBC Universal coined the prescient expression “Trading analogue dollars for digital pennies” in 2008 to describe the huge gap that he was observing between the lucrative promises of online and digital advertising and the reality of the meager revenues that it was in fact producing. Could the same be true of the Internet of Things (IoT) revolution? Are we trading the hundreds of dollars that we are generating from mobile users for the pennies that providers get for connecting “things”?
Connecting the 50 billion projected devices, or things, to the Internet is the cornerstone of the Internet of Things. Given the challenges of remoteness, mobility and the cost of wiring up these devices, many of these connections will be made over mobile networks. In fact, Beecham Research estimates that the number of cellular machine-to-machine connections will grow to 1 billion by 2020, up from 172 million in 2013. It is no wonder that the mobile operators are salivating at the prospect of all this new revenue to be earned from connecting inanimate objects. This windfall is especially at a time when there traditional mobile business is under attack. Changes in voice usage and bundled minutes are causing voice revenues to decline and data revenues are under attack from Wi-Fi connections and over-the-top providers (see The Mobile Paradox). Read More »
From my home in North Carolina to San Diego, to Atlanta and all the way to Greater China—Shanghai, Shenzhen and Taipei—throughout April, I am presenting at several Manufacturing industry, Supply Chain executive, and Internet of Things (IoT) regional events, along with visiting all types of manufacturing customers. Earlier this month, I was at a customer advisory where we met with industrial thought leaders eager to share experiences (see Tony Shakib’s blog, “The Digital Factory: Real Solutions and Real Outcomes”). In the meantime, several of my colleagues exhibited Cisco industrial solutions this past week at Hannover Messe in Germany. Across the globe, manufacturers are wrestling with how to capture the opportunity and value associated with IoT and Internet of Everything (IoE) strategies. The good news is that the industry is thriving, alive and well and at the forefront of IoT adoption.
At the IoT Regional Forum in Atlanta last week, I had the opportunity to meet some manufacturing companies from the region and hear first-hand the challenges and address questions they had regarding automation and networking and the convergence of IT and OT, from technology to culture to organization. What I hear repeatedly are questions on how to tie together the various islands of automation and information that exist throughout most factories and across manufacturing enterprises. In addition, the lack of one integrated view results in delayed decision-making and responses to issues and problems that arise, and inhibit the introduction of new products and business models.
Often, we will assist our industrial customers with this IT/OT convergence by recommending a pilot or proof of concept approach to adopt wired-and-wireless networking architectures for use cases that demonstrate quick results and impact, and then more broadly adopt the technology across that and other plants within the enterprise. Interestingly, ARC analyst Greg Gorbach recently wrote up a blog proposing a “Let’s Just Try it” approach in profiling our customer Stanley Black and Decker.