Proving the Business Case for the Internet of Things

IoT to reshape IT security programs by 2020: Gartner

Iain Morris
May 6, 2014
The security requirements of Internet of Things (IoT) services in sectors like energy and healthcare will force global enterprises to reshape and expand their IT security programs by 2020, according to new research from Gartner.

In a release, the market-research company said chief information officers would have to redefine the scope of their security efforts beyond present responsibilities as M2M take-up grows.

“The IoT is redrawing the lines of IT responsibilities for the enterprise,” said Earl Perkins, research vice president at Gartner. “IoT objects possess the ability to change the state of the environment around them, or even their own state; for example, by raising the temperature of a room automatically once a sensor has determined it is too cold or by adjusting the flow of fluids to a patient in a hospital bed based on information about the patient's medical records.”

“Securing the IoT expands the responsibility of the traditional IT security practice with every new identifying, sensing and communicating device that is added for each new business use case,” he added.

Although traditional IT infrastructure is capable of handling some IoT-related tasks, functions that are delivered as purpose-built platforms signal a change in the traditional concept of IT and the concept of security IT, says Gartner.

“This is an inflection point for security,” said Perkins. “Chief information and strategy officers (CISOs) will need to deconstruct current principles of IT security in the enterprise by re-evaluating practices and processes in light of the IoT impact.”

“Real-time, event-driven applications and nonstandard protocols will require changes to application testing, vulnerability, identity and access management (IAM) — the list goes on,” he said. “Handling network scale, data transfer methods and memory usage differences will also require changes.”

Gartner says CISOs must not automatically assume that existing security technologies must be replaced but instead evaluate the potential of integrating new solutions with old ones.

It notes that many traditional providers are already expanding their portfolios to incorporate basic support for embedded systems and M2M.

“The requirements for securing the IoT will be complex, forcing CISOs to use a blend of approaches from mobile and cloud architectures, combined with industrial control, automation and physical security,” said Perkins. “The technologies and services that have been used for decades to secure different eras of computing are still applicable in most cases.”
Other News
PEP Stations and Axeda Charge Ahead with Remote Monitoring and Reporting
PEP Stations needed a remote monitoring and reporting solution for its electric vehicle charging stations, which served building tenants.  
Numerex M2Mdirector Delivers Cost Savings and Safety Benefits to the Oil & Gas Industry
Managing marginal well operations is labor intensive. Pumpers drive to each tank daily to check water and oil levels and equipment, including drilling motors. If levels are too high, pumps must be manually shut down to avoid spills and incurring fines and cleanup costs.