Consulting firm BCG predicts $267B will be spent on IoT technologies, products, and services by 2020. This means intensifying IoT-enabled infrastructures’ defenses will be the topmost priority for enterprises. Experts share how channel partners can play a role in securing IoT for businesses.
The growth of connected devices and systems through Internet of Things (IoT) technology is mushrooming at a rapid pace. According to reports, IoT has the potential to revolutionise industries and generate immense value over the coming years. With the proliferation of this space, it has become imperative that security for these IoT-enabled infrastructures must be engineered at the design stage itself.
Cisco’s recent research of enterprise IT and business decision makers revealed that their top challenges with implementing IoT initiatives included security of business data, standardisation of IoT platforms and compatibility with business systems as well as the cost of implementation.
“Security and data privacy issues are critical elements that are being addressed. Equally, there are organisations and committees that are working hard on establishing IoT standards to ensure compatibility between all the different IoT components,” says Scott Manson, cybersecurity lead, Middle East and Africa, Cisco.
Fortinet’s regional channel manager Zacky Vaz says because of IoT’s critical and complex nature, security continues to be one of the largest opportunities for the channel.
“Partners who can plan, design, deploy, and optimise an integrated security offering are finding a growing demand for their skills. By tying traditional security appliances and emerging technologies together into an integrated security fabric, partners can help their customers collect and respond to more actionable intelligence, synchronise threat responses, and centralise the creation, distribution, and orchestration of their security management and analysis,” he adds.
Channel partners should look at examining multiple aspects in the IoT security realm such as device and data, service and application security.
Mohammad Jamal Tabbara, senior systems engineer, UAE, Infoblox, says, “According to a study, almost 57 percent of IoT devices are not secured.”
This is because many of the IoT devices that exist today are deficient in the fundamental security measures required in order to provide a secure IoT ecosystem. Tabbara adds, “This will continue unless regulations are put in place because IoT brings many existing Internet security threats and data theft, which we have seen in the past along with new evolving ones.”
The economics of IoT for vendors indicate that security will continue to be an after-thought for IoT-enabled devices unless regulations are enforced. The current scenario gives rise to many opportunities for the channel.
“This is where partners must provide platforms and solutions that can mitigate threats and malicious communications at every layer of the IoT infrastructure. This is in addition to the security fundamentals required to be provided and maintained, such as data encryption, secure authentication, data integrity checks, along with continuous updates, patches, and bug fixes,” he says. “These security platforms and services should not be in silos.”
In order to monetise IoT through security-focused services, partners should look beyond perimeter defences.
Cisco’s Manson says, “Security today needs to be visibility driven similar to the network and the focus should be on threat centric security. The biggest problem for customers is trying to keep the threats out. But threats are so pervasive now because they are being built by professional cybercriminals.”
He suggests that by moving it to a platform-based approach it brings more capabilities to customers and reduces complexity.
“On the services side of security, this area is growing faster than actual product sales. Offerings such as advisory services, managed services, deployment services, incident response services and a managed threat defense service is providing an 8.9 percent growth for the channel specifically in the mid-market over strict product sales.”
According to Tabbara, the industry has created multiple standard security protocols and platforms such as STIX and TAXII to facilitate the cybersecurity integration between third party security vendors via an “ecosystem platform and metadata that IoT infrastructure must have and leverage.”
He adds, “The channel partners and distributors need to be able to offer and provide IoT solutions protected by orchestrated ecosystem security platforms, which is a major opportunity for them along with the IoT vendors and manufactures.”
While the prospects that exist in securing IoT is undeniable, it must be noted that actual on-ground implementations of the technology are still relatively new.
Ettiene Van Der Watt, regional engineering and training manager, Middle East and Africa, Axis Communications, says, “Its application is yet to be experienced in a large-scale environment with a long-term testing phase. Therefore, at this point, a consulting approach is important to outline requirement and scalability, with room for adjustments. When applied correctly with positive results, technology sales will automatically rise. Solution providers must understand how IoT adds value.”
Agreeing, Sanjay Ahuja, senior VP, MEA, AGC Networks, says, “Partners need to understand the value in businesses wanting to have safe and secure connections. They can also provide managed security services in order to reduce cost of administering, troubleshooting and remote monitoring as more and more devices get added to the network.”
Developing additional skills to support new and complementary platforms is also a critical element. Building trusted security around an IoT system requires team effort, says Ahuja.
“Partners are anxious to tap the right talent and bring on professionals who have the right knowledge on IoT technologies. They must also have the necessary training and certifications from vendors that have IoT solutions, as this is critical.”
Additionally, partners should also possess skills such as keeping information safe and secure from attacks such as botnets, DDoS and malware and acquire business intelligence, as IoT is all about collecting, storing and analysing data from different smart devices.
Der Watt says, “We believe that companies that focus on developing IoT systems that mine available data, focus on cost saving and efficiency, will add value to the IoT ecosystem and find their natural place in this domain with great potential for success.”
According to Tabbara from Infoblox, regional IoT services and initiatives will become even more accessible, efficient, available, secure, and convenient for the individuals and businesses.
“Channel partners who are not ready yet will continue to miss vast market opportunities,” he says.
Partners who are in a position to offer vertical specific IoT integrations and automated solutions will be most successful. However, this is far easier said than done. All stakeholders should step up and work together to offer IoT devices and related software required to operate and secure the ecosystem.
“This is where partners who have the right skills, ecosystem solutions and IoT integrations, and partnerships; will take the lead in the market by adding substantial values to their customers,” Tabbara adds.
Apart from acquiring right technical expertise, Vaz adds that developing customised solutions will also help partners to stay profitable in this area. He says, “IoT is a game changer for security. Customised services will enable partners to stay ahead of competition.”
Manson says, “The future for IoT in the Middle East is bright. Smart Cities are leading the IoT revolution, enabling governments to help lower costs, improve productivity, increase revenue, and improve citizen experiences through urban services such as smart parking, energy, traffic and waste management.”
In order to play a vital role in enterprises’ demand of securing IoT-enabled business environments, partners should first take the time to assess their business and skills while mapping out a clearly defined growth strategy. The initiative and drive must emerge from partners to be ahead of competition, after all, success comes to those who will and dare.