Machina Research: IoT security fears currently overplayed

Machina Research argued that concerns over the security of the Internet of Things (IoT) are overblown at present because the market is set to remain restricted to controlled settings for the next decade.

In a strategy report, the research company noted that the ultimate goal of IoT, whereby every object or ‘thing’ connects to every other object, remains a distant objective, meaning attempts to future proof IoT technology today “makes little sense”.

The company said IoT security needs can be met incrementally over the next 10 years, provided companies put in the necessary planning and utilise existing solutions.

“Individual products can, and should, be secured by design, and developers who fail to do so are asking for trouble,” said Aapo Markkanen, principal analyst at Machina Research and author of its IoT strategy report.

The company noted that demand for IoT security is currently being served by start-up companies including Device Authority, Guardtime, and Mocana in addition to more established cyber security companies including Symantec, Thales and Webroot.

Markkannen conceded that his view regarding security being designed into IoT products hits a roadblock when it comes to IoT projects spanning “multiple different products supplied by different vendors at different times.” In such circumstances “security is more of a systems-integration issue than a design issue,” he said.

As a result, systems integrators are set to become critical stakeholders in the industrial IoT market, Machina Research predicted in the report. However, the research company cautioned that systems integrators must develop a variety of new competencies and technologies to become effective players in the IoT security market.

Markkanen identified risk management as an area of the IoT that requires improvement. “For an IoT-driven enterprise, getting the security right is more about judging how much cyber risk it can stomach,” he said. 

However, the decision on the amount of risk a company can handle is difficult to make because “this risk cannot be sufficiently quantified” due to a lack of “reliable information on the materialised cyber incidents,” Markkanen added.

For more:

- see this Machina Research release

Related articles:
Telenor seeks to secure Norway's place in AI, big data, and IoT sectors
Vodafone research finds 76% of companies see IoT as critical
Berg Insight: Wireless IoT devices in automation networks reached 14.3M in 2015