Iot vulnerabilities, liabilities rising with devices in use

Vulnerabilities: Experts on cybersecurity policy this week warned that vulnerabilities and liabilities would only grow as the number of connected IoT (Internet of things) devices expands. In opening remarks at the Capitol Hill event organized by the Telecommunications Industry Association, Rep. BobLatta (R., Ohio), chairman of the House Energy and Commerce Committee’s digital commerce and consumer protection subcommittee, said lawmakers needed to “ look ahead” as technology and markets changed. “ We need soft-touch regulation so we don’t hamper anyone in industry,” Rep. Latta said. He noted that “ by 2025we’re looking at 25 to 50 billion connected devices around the globe.

“ Denise Zheng, director and senior fellow in the Technology Policy Program at the Center for Strategic and International Studies, said that the “ IoT relevant parts” of a recent CSIS report on cybersecurity focused on vulnerability research and “ bug-bounty” programs. “ We think we’re just seeing the tip of the iceberg in terms of vulnerabilities, incidents, and lawsuits” related to IoT security, she said. “ We thought as a group that there should be more attention to investigating and modeling” cyber incidents, modeled after the National Transportation Safety Boards’ investigation of accidents, with the provision that the information not be used in legal proceedings, and perhaps with some limited liability protection, Ms. Zheng said Kiersten Todt, president and managing partner of Liberty Group Ventures LLC, who was the executive director of the Presidential Commission on Enhancing National Cybersecurity, said that when the commission members began talking about IoT there was a lot of focus on security for life-affecting devices like cars and pacemakers . Then Mirai happened.

Mirai was a distributed denial-of-service attack launched last fall using IoT devices as bots. Commission members realized that if a life-affecting device “ touches” a non-life affecting device, security that only focuses on the former is ineffective, Ms. Todt said Eric Wenger, director-cybersecurity and privacy policy at Cisco Systems, said that the average IT professional sees about 5, 000 alerts daily and that “ when you talk about managed devices, once you get beyond about 200 managed devices per IT professional,” the situation becomes un imaginable. James Simister, director-professional services at Panasonic Software and Analytics Solutions, emphasized the importance of consumer education about device security. However, Ms. Todt said that while “ in the short term, consumers need to be educated,” in the longer term, “ we need to move security away from the end-user,” so that security doesn’t depend on consumers’ actions.

Mr. Wenger suggested that eligible IoT devices could carry a label similar to those issued by UL (formerly) Underwriters Laboratories), attesting to physical safety, but in the IoT case, the mark would indicate that risks were assessed and would be managed throughout the device life cycle.

Consequences: “ One of the large tech developments of the remaining numerous years has been the proliferation of IoT devices. IoT, or Internet of Things, refers to clever, non-traditional, related gadgets. For example, an iPad could now not certainly qualify as an IoT device due to the fact it is an at least quite conventional computing device. But a WiFi-enabled fridge truly counts.

Today, there is a huge sort of IoT devices on the market. Some of these gadgets are patron orientated, at the same time as others are geared towards corporate or even industrial use. Some IoT devices are extremely useful, at the same time as others are simply simple stupid. I imply, who truly desires a WiFi enabled spoon?

As useful as IoT devices can be, but the proliferation of such gadgets comes at a fee. As a person who makes huge use of IoT gadgets, I can tell you from firsthand enjoy that there may be a few unintended effects to their use.