The Internet of Things (IoT) continues to gain a strong footing in the GCC across different sectors ranging from manufacturing and transportation to energy, according to a recent report by Booz Allen Hamilton.
However, the report also highlighted that the vulnerability of IoT to external cyber threats is higher than traditional IT.
The Booz Allen Hamilton IoT Field Guide also stated that industries are moving to IoT at a pace that is far greater than the ability to secure it. Traditional IT systems are generally self-contained and easy to protect. IoT, on the other hand, connects systems with tens of thousands of sensors and other devices around the world, resulting in a much higher variety and volume of potential threat.
In its latest Review of the Year, Kaspersky Labs revealed that the UAE was targeted for at least three massive cyberattacks in 2016. According to the Global Connectivity Index 2017, the UAE, followed by Saudi Arabia and Qatar, is the most connected country in the region. As connectivity increases, the vulnerability of IoT ecosystems to cyber threats also grows
Dr. Raymond Khoury, executive vice president and digital practice lead, Booz Allen Hamilton, MENA, said, “IoT is fast becoming a part of every industry and nearly every aspect of our everyday lives – from connected cars and smart buildings, to intelligent homes and even medical devices like pacemakers and insulin pumps.
He added that it is imperative that organisations visualise and understand the complex interconnections and intricacies of IoT to help identify where potential weaknesses and vulnerabilities lie so that adequate security efforts can be implemented in time. “They need to understand that security cannot be an afterthought – it has to be part of everything you do with IoT.”
Booz Allen Hamilton has identified that organisations with the best IoT security are proactive –they use real-time threat-assessment data and the latest advances in analytics to spot hidden IoT attacks.
The IoT Field Guide includes a ‘Resource Prioritisation Model’ that can help organisations mitigate and contain any risks. The model contains three elements – the technical risk assessment, the potential impact of an attack on the business, and mitigation strategies. The comprehensive model ultimately empowers an organisation’s leaders and stakeholders to make effective IoT security investment decisions.
The process of building the model makes sure that different teams understand their interdependent risks, technologies, and investments and it helps serve as a common platform for IoT security dialogue across the enterprise.
Danny Karam, vice president and digital life platform lead, Booz Allen Hamilton MENA, said, “It is not enough that organisations discuss cyber threats in the IoT context. They must formalise them into clear policies that everyone will follow. This involves considering the real cost, buying hardware from manufacturers that can help scale their IoT systems, ensuring that their software and hardware aren’t connected to their IoT systems unless they are secure and, finally, incorporating solid fundamental cyber security practices across all levels.”