by Haydn Povey, CEO & Founder Secure Thingz
The Internet of Things (IoT) is rapidly transforming businesses, connecting previously fragmented management systems, enhancing smart city initiatives and revolutionising healthcare. Security is a significant requirement for these new systems. However, as recently as 2018 the Bain Company estimated that only 4 per cent of connected devices met the minimal security requirements – a damning indictment of the technology sector.
To address this lack of leadership from the technology sector, the UK government has taken a significant lead in defining best practices, working with UK organisations such as the Internet of Things Security Foundation, supported by companies including Arm, BT, and Secure Thingz. These best practices are now setting the cadence for governments around the globe, including Europe, the US, Japan and China.
For many organisations, security is seen purely as a major IT cost on the bottom line, primarily to defend the organisation against hackers. However, the reality is that security is the foundation for all major value propositions across IoT, including protecting brand value, securing intellectual property and providing the basis for service revenues. The focus for organisations should therefore be how they value and invest in the right technologies to support the company’s primary goals, drive revenues and protect the critical assets wherever they may be globally.
Protecting an organisation’s brand is critical within the modern marketplace. Brand value rests in how devices operate, and critically the user experience associated with them. Obviously if a device is hacked, either for malicious intent, ransomware or even government-sponsored activities, it undermines the users’ trust in the device and the organisation who supplied it. Unfortunately, the very nature of complex digital devices mean that exploits will probably always exist, and while every company must do its best to ship secure devices there will always be minor flaws that can be prised open. To resolve this paradox, it is increasingly apparent that every device must be able to be managed and updated, either by the user or via a trusted service provider. This shift in emphasis from a transactional sell-and-forget to an ongoing strategic support partnership will have dramatic implications on how every company does business, and, critically, how every device is designed and implemented.
As this value-shift occurs there is a further shift to monetisation of services and intellectual property, transitioning from physical goods to data analytics. A good example of this is within city-scape lighting, where many organisations are moving from selling lightbulbs to lighting-as-a-service, and where a monthly fee not only ensures lights are maintained and replaced where necessary, but also that software running the communications is managed and updated actively. This reduces running costs and accelerates the adoption of lower-energy devices. These managed services require strong technology foundations based on security from inception, to provide secure device protection, communications and management.
Security is the foundation of value across connected devices, and organisations must also be aware of rapidly evolving legislation in this field. Solutions and tools now exist to simplify the process, but the clock is ticking.
LinkedIn: Haydn Povey