Industry associations and vendors need to agree international standards and best practice to avoid Internet of Things (IoT) security breaches, according to a report by Scrutinise Research and Analytics.
Securing the Internet of Things argues that security is at risk of being compromised due to an increasing number of devices connected to the web, and at present, no specific IoT standards and regulations.
It adds that many manufacturers are rushing IoT products to the market with little thought to security, exacerbating the problem, and leaving devices open to malware and cyber attacks.
“Given that the proliferation of connected devices goes way beyond smartphones and home entertainment to include medical equipment, connected cars and even power plants, urgent action is needed to improve the security of these devices,” Scrutinise Research and Analysis, senior analyst, Sacha Kavanagh, said.
“Doing this will help ensure we are not vulnerable to those who might seek to exploit current weaknesses. Everyone in the IoT ecosystem shares a responsibility to improve security.”
This comes after a globally coordinated ransomware cyber-attack affected organisations all over the world last week, including the NHS in the UK, which resulted in many hospitals going into lockdown.
As well as internationally agreed standards, the report suggests that:
It also details how more partnerships and collaborations between tech firms on both the equipment and service side are needed, as well as with manufacturers in other industries that will become part of the IoT supply chain.
“The IoT has moved beyond hype, but how it is used is still evolving. A consumer education programme will be needed to make sure that devices and data remain safe,” ILex Content Strategies director, Lucia Barbato, said.
“Likewise we anticipate governments will need to incentivise manufacturers to build security into their devices as part of any regulatory framework.”
The average number of cyber attacks with the potential to cause damage or result in the loss of high-value assets more than doubled in the first month of this year per organisation compared to in January 2017.
17 April 2018
Approximately one-third of UK business leaders would pay a ransom if they suffered a cyber attack, with one in ten willing to fork out £1m or more to get their systems and data back.
04 April 2018
Financial institutions across the world are increasingly turning to technology to manage a growing number of digital threats and regulatory requirements.
03 April 2018
Why InsurTech? A Pressured Insurance Value Chain
By Andrew Sagon, Andrew Johnston and Matthew Wong
InsurTech is a burgeoning phenomenon that is modernising the insurance industry. It is disrupting the traditional value chain whereby insurers offer loss protection, and shifting the emphasis to risk mitigation. Incumbents face disintermediation as investors in search of higher yields pour money into insurance-linked instruments in the capital markets. And entrepreneurial businesses are targeting friction costs and inefficiencies within every aspect of the traditional value chain.
Nimbleness and agility will unlock potential
By Elinor Friedman, Andrew Harley and Klayton Southwood
Recent Willis Towers Watson surveys in the U.S. have shown that P&C and life insurers in developed markets are taking seriously the potential of big data and predictive analytics to improve their businesses. Nimbleness and agility, rather than brute force, are likely to be key to realizing that potential.
Driven by technology, toolkits and talent
By Claudine Modlin and Graham Wright
Advanced analytics is helping some insurers offer innovative products and solutions. What do insurers need to know about the changing nature of analytics and whether it is worth the investment? Claudine Modlin and Graham Wright discuss technology, toolkits and talent — topics that may help you decide.
Risk transfer is part of a comprehensive solution
By Adeola Adele, Patrick Kulesa, Kevin Madigan and Alice Underwood
Given the dynamic nature of cyber-risk, taking a multidimensional approach that integrates board governance, technology solutions, behavioral change and risk transfer solutions can help reduce risk to a manageable level.