It’s official. There are officially more IoT devices than humans in the world. And by 2020, there will be twice as many of them than us. It can be a sobering thought, especially if you’ve ever seen the 1980s Stephen King movie Maximum Overdrive, where the machines came alive and turned homicidal. And according to a recent study by Gemalto, 90% of consumers said they don’t have confidence in IoT security. Furthermore, the study found that only 50% of companies have adopted a “security by design” approach, and more than half of consumers have concerns about their IoT devices being hacked or their data stolen. So maybe I’m not alone in my fears?
Even scarier is the fact enterprise security breaches are happening more often, with more brute force and at higher costs. There are an average of thirteen enterprise security breaches every day, resulting in roughly 10 million records lost a day—or 420,000 every hour. Security researchers are quick to point out the vulnerabilities of connected devices and the potential harm of connecting to a device that has not been properly secured.
But with a hint of apprehension comes big opportunities. Gartner predicts 20.4 billion IoT devices will come online by 2020. When taking into account the value created from technology, as well as the potential for new market opportunities, it is estimated that the IoT will generate $14.4 trillion in net profit for enterprises over the next decade.
One thing is clear; organizations across all industries need to begin consider how they will secure their IoT devices, but face challenges when they try to create solutions in house. IoT security threats are increasingly complex and constantly changing. Recent findings from 451 Group’s report 4Sight report: As Infrastructure Becomes Invisible, We are All Service Providers, show 57% of organizations face skills shortages and lack cloud expertise in areas such as architecture, operations, and security. And when trying to recruit for the required cloud expertise, 30% of organizations find it “very difficult”.
The skills shortage and complex threatscape, combined with an astounding 60-70% of all IT enterprises expected to invest majorly in cloud-based solutions by 2020 is very good news for Managed Security Service Providers (MSSP) who want to get in on the IoT bandwagon.
Getting in on the action
A report by ABI Research, IoT Managed Security Services to See Significant Financial Impact from Industrial Applications, says by 2021, overall market revenues for IoT managed security services are poised to surpass $11 Billion, a fivefold increase. The firm predicts the needs for IoT managed security services will initially be driven by the industrial internet (interconnected machines and devices and intelligent analytics).
It’s also looking like new innovative use cases, such as connected vehicles, smart cities and utilities will drive future MSSP revenues, gradually shifting away from traditional markets such as manufacturing, transportation, and oil and gas.
Gearing up for success
Organizations are looking for more from an MSSP than just a security solution. They need a partner (or partners) who will offer expertise, guidance and support. And there is evidence that security providers are coming together to integrate solutions and employ security across the entire IoT ecosystem. The industry is moving into a new era – securing the IoT, where encryption, cryptography, identity issuance and access management are a full-stack solution and not individual components. This way, security is built-in and is no longer an after-thought or a challenge. It becomes invisible and just happens, seamlessly, and securely.
Cloud-based data protection for managed service providers
As an MSSP you can take advantage of the immediate need to offer an IoT security solution that you can brand, bundle with your cloud or security services, and offer your customers a way to augment their security, effortlessly. By leveraging reliable, repeatable and profitable services, aligned to your business model, you can ensure the stickiness of satisfied customers, building in a range of security services, with single pane of glass management, across multiple clouds.
Gemalto offers such a solution with its SafeNet Data Protection On Demand, a cloud-based platform that provides a wide range of on-demand key management and encryption services through a simple online marketplace.
The thought of a world of unprotected “things” can be a scary place, especially if you are a fan of horror movies like me. But it’s also an incredible opportunity for service providers to take control by offering robust security solutions developed for the increasingly complex, connected world.
*** This is a Security Bloggers Network syndicated blog from Enterprise Security – Gemalto blog authored by Jennifer Dean. Read the original post at: https://blog.gemalto.com/security/2018/12/11/facing-the-fear-and-securing-the-internet-of-things-iot/