Properly securing IoT could help transition cybersecurity from gatekeeper to enabler. The continued progression toward the Internet of Things (IoT) is undeniable. After all, fully automated production facilities are now a reality, and we’re even seeing real-world applications such as connected automobiles that can automatically apply the brakes because sensors receive information about an accident around the next curve. With today’s cacophony of technology, the days of building a moat around the castle are over. Depending on which numbers you believe, IoT will usher in as many as 50 billion connected devices in the next five years—which could prove conservative. That represents significantly more devices than there are humans. The question is: How do we fit security around all this technology in a meaningful way despite the challenges? Just consider this short list: Even though these are mostly machine-to-machine communications, such an increase in connections sends an organization’s attack profile through the roof. There are also brand-new threats. For instance, who really thought industrial control systems would ever connect to the back-office network? Yet bridges exist between once-disparate networks. Most CISOs are already drowning in log data, so going from 5,000 to 250,000 endpoints in a day is overwhelming. All of a sudden, analytics are extremely important. Despite the massive numbers, the steps to IoT security are actually quite simple. Since resources are limited, organizations need to focus on where they are most likely to begin their IoT journey. This often means being at the table when IoT project discussions get started – to help solidify the organization’s definition of IoT and help determine which projects take priority. What’s more, being an active participant in the IoT discussions enables IT to plug into the innovators. Fortunately, most people are open to having those security conversations, because attacks are so widespread and publicized. There is no turning a blind eye to the problem. Of course, using business needs as a guideline, CISOs should narrowly define the parameters of interactions. Acceptable activities and behaviors associated with many of the systems should be limited. For instance, why would an automated corn combine need to download anything from Pandora? The best way to create these definitions is to open communications with the operators and engineers. In doing so, we have an opportunity to get communication and analytics right from the start and can avoid mistakes that potentially lead to catastrophic vulnerability—an extreme example might be not setting definitions on a connected nuclear reactor. Properly handled, securing IoT could help transition cybersecurity from its traditional role of gatekeeper to being an enabler. IoT is already driving speed to market in manufacturing, mining and utilities. Aptly secured, IoT can enable the organization to try new things, including chasing new revenue opportunities. Related content brandpost Looking into the Crystal Ball As pharmaceuticals prepare to thrive in the years ahead, the need to focus on core competencies has never been stronger. By John J. Bell Oct 14, 2015 3 mins Small and Medium Business Collaboration Software brandpost A Seamless Generation Next-gen technologies are making significant inroads into life sciences by seamlessly integrating into infrastructure. By John J. Bell Oct 13, 2015 2 mins CIO brandpost Overcoming Life’s Obstacles The challenges to innovation facing life sciences companies are realu2014so too are the opportunities. By John J. Bell Oct 07, 2015 2 mins Risk Management brandpost Disruption Hits Healthcare Market As the health insurance market undergoes disruption, progressive CIOs are using the opportunity for digital transformation. By Lisa Pettigrew Oct 05, 2015 3 mins CIO Healthcare Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe