January 2018: Blockchain: A New Hope for IoT Security
Every business that needs security needs blockchain.
In an IoT (Internet of Things) connected world, a network is only as strong as its weakest link. This means security will never be off the agenda; it will always be a necessary topic of discussion for the industry, including all players participating in the IoT supply chain and end users. The future of society is being shaped right now by businesses’ and consumers’ dependency on connected devices and systems, and, as a result, the prize is continuously getting bigger for those looking to exploit these devices and systems for their own gain.
Looking ahead to the coming year, bad actors will continue to be a factor across all sectors and industries adopting the IoT, from government and defense, healthcare, retail, financial services, and beyond. Cybercriminals will likely succeed in some of their attempts, and the results may wreak havoc on those affected. Hopefully, these cyber criminals will be unsuccessful more often than not, and their attempts—both successful and unsuccessful—will lead to valuable lessons learned for affected and unaffected parties alike.
The cybersecurity playing field continues to change. For those leveraging the Internet of Things, there is a bright spot on the horizon, and the world is now calling it blockchain technology. It is being hailed as a “new hope” for IoT security. Blockchain has been launched onto the scene relatively quickly thanks to the growing success of cryptocurrency in today’s business and technology spheres.
Data Security in 2018 and Beyond
Gil Perez, senior vice president of IoT and digital supply chain at SAP, www.sap.com, says heading into 2018, the most concerning trend in security is the growing number of public and successful IoT attacks. “As more and more devices are connected, a larger surface of attack is available, and the prize is getting bigger all the time, attracting more and more hackers to try to compromise the system,” Perez openly admits.
Blockchain Stepping Stone Future
Everyone is talking blockchain these days. For some it is the new “gold rush,” that is capturing headlines, touting massive growth projections. According to Gartner, the business value-add of blockchain will grow to more than $176 billion by 2025. And that means for many, it’s potential, much like the Internet—which once burst on the scene—has become much too profitable to ignore.
As society advances we are facing significant social and ethical forces in our global economy that we need to navigate from urbanization, climate change, technological, biological, and more.
It seems everyone is reeling about how the blockchain will mine all this information. The real question here is will the blockchain live up to all its hype? Will technical mishaps, market confusion, and lack of blockchain’s increasing different approaches about its ability to deliver speed and convenience mean companies will lose confidence in its capacity to accelerate adoption?
The ecosystem for adoption is vast, but so are the hurdles for the companies and businesses that must embrace, supervise, and implement a blockchain framework. Is it really as disruptive as all the analysts and consultants are saying?
According to Deloitte, companies should be past all the hype discussion and should now be settling into adoption around open, shared ledger platform and trending towards a path to commercialization.
In fact, Deloitte says there will be even more use cases emerging that emphasize enterprise-specific applications that generate a real ROI (return on investment). The consulting firm insists that companies need to develop a roadmap to ensure a successful blockchain implementation. This roadmap, stresses Deloitte, can also begin influencing standardization discussions all while exchanging best practices ideas with like-minded CIOs.
According to PwC, another consulting firm, the blockchain is still a participatory sport and companies that take a wait-and-see attitude will discover implementation to be very costly. PwC is encouraging customers to begin “testing, planning, and learning” the fundamentals of the blockchain technology and applying it as soon as possible.
Much like Deloitte, PwC insists companies will find it easier to create a workable implementation plan for building blockchain into their infrastructure by investing in blockchain initiatives now.
Want to tweet about this article? Use hashtag #IoT #M2M #blockchain #AI #bigdata #machinelearning #analytics #security #cybersecurity
Click to Enlarge
Security vulnerabilities won’t be limited to consumer connected devices like home security cameras and baby monitors either. Perez explains that IoT devices in industrial and commercial settings are vulnerable as well. “In 2018, we are also going to see the beginning of large industrial IoT attacks,” he warns. “This can include any production lines across multiple industries … (including the) electrical/gas/water grid and even autonomous vehicles.” Because hackers will mercilessly seek out a network’s weakest point and compromise it, Perez says companies in industrial and commercial settings must ensure security industry standards and best practices are being implemented at every point of the connection.
“As more and more devices are connected, a larger surface of attack is available, and the prize is getting bigger all the time, attracting more and more hackers to try to compromise the system.” –Gil Perez, SAP
The NIST (National Institute of Standards and Technology), www.nist.gov, is one industry player that is contributing to the creation of IoT industry standards and best practices. Katerina Megas, manager of cybersecurity for the NIST’s IoT program, says the institute has held public sessions to discuss various parties’ thoughts on what industry and government can do to advance a more secure Internet of Things and enhance the resilience of the Internet against automated distributed threats like botnets, many of which are frequently IoT-based.
“During the various sessions, stakeholders discussed needs for research around the identity and authentication of ‘things’, as well as research into new and innovative approaches to security geared towards IoT,” Megas says. “NIST also heard from industry that the government could play a role in leading by example, as well as NIST producing guidelines to help organizations understand and manage cybersecurity and privacy risks associated with the use of IoT.”
Megas says NIST anticipates tremendous growth and continued adoption of IoT devices in 2018. “Many of these devices are generating data that is dispersed across the cloud, the cloud’s edge, and devices,” she adds. “In addition, data-sharing platforms are gaining in popularity as there appears to be considerable interest in industry to realize even more of the potential of the IoT by combining these large data pools of IoT-generated data in innovative ways. Securing these large amounts of data that is both centralized as well as distributed—and ensuring its integrity at rest and in transport—will continue to be a challenge as scale increases.”
How will industry approach these growing challenges in 2018 and beyond? One potential solution is leveraging blockchain. Blockchain is perhaps most talked about in the financial technology and services industry, where, according to PWC, www.pwc.com, 77% of businesses expect to adopt blockchain as part of a production system or process by 2020. Interest in this technology has been building for several years. In 2015, for instance, 13 blockchain companies secured just over $365 million in funding. That number passed a billion in 2016, according to some sources, and has continued to expand ever since. Accenture Research, www.accenture.com, suggests the trajectory for blockchain is as follows: exploration and investment phases in 2015, early adoption in 2016 and 2017, growth in 2018-2024, and maturation by 2025. In 2018, expect blockchain and the IoT to converge more than ever before.
Blockchain and the IoT
Ahmed Banafa, general engineering faculty and advisor in the Davidson College of Engineering at San Jose State University, www.sjsu.edu, echoes the sentiments of Perez and Megas, saying the speedy proliferation of IoT adoption in the past few years has resulted in billions of interconnected devices, and as more IoT devices enter the channels, it will result in more cybersecurity attacks. Banafa points to the October 2016 DDoS (distributed denial of service) attack as a prime example of the urgent need for new security technologies.
“Security will be the major challenge that needs to be addressed (in 2018),” Banafa says. “As the world becomes increasingly high-tech, devices are easily targeted by cybercriminals. Consumers not only have to worry about smartphones (but also) other devices such as baby monitors, cars with Wi-Fi, wearables, and medical devices can be breached. Security undoubtedly is a major concern, and vulnerabilities need to be addressed.”
Banafa believes blockchain offers new hope for IoT security. “The astounding conquest of cryptocurrency, which is built on blockchain technology, has put the technology as the flag bearer of seamless transactions, thereby reducing costs and doing away with the need to trust a centered data source,” he says. “Blockchain works by enhancing trustful engagements in a secured, accelerated, and transparent pattern of transactions. The realtime data from an IoT channel can be utilized in such transactions while preserving the privacy of all parties involved.”
IDC’s, www.idc.com, FutureScape report “Worldwide Internet of Things 2017 Predictions” predicts that by 2019, 20% of all IoT deployments will have basic levels of blockchain services enabled. Tim Hahn, chief architect for IoT security at IBM, www.ibm.com, describes blockchain as “a technology that consists of a ledger, a consensus algorithm, and a means for performing transactions on that ledger.” In an interview for IBM’s developerWorks TV, Hahn says ultimately, blockchain allows companies to build trust, reduce costs, and accelerate transactions.
What Is Blockchain to the IoT?
If you talk about the future of the IoT (Internet of Things) blockchain is bound to enter the conversation. If you have visited the Connected World Website at this month, you know that we’ve dedicated a lot of content to both data security and blockchain.
Protecting Your Data in 2018?
To start the New Year it only seems fitting to look back and address what went well with cybersecurity and data privacy. If we look back at 2017, the data, the trends, what went wrong, and what went right we see the year was wrought with a lot of ups and downs.
Blockchain: Lesson or Not?
Lots of companies are buzzing about blockchain. But there are still many of you that are taking a wait-and-see attitude about the technology. And frankly, as I see it, you must be a student of history.
IoT Security Starts with Education
IoT security. For this column I really want to talk about how IoT security impacts the manufacturing industry since that is what the main feature here really addresses as well.
The advantage of blockchain, according to Banafa, is that it’s public; everyone participating can see the blocks and the transactions stored in them. However, this doesn’t mean everyone can see the actual contents of an individual’s transaction, because this data is protected by an individual’s private key. Furthermore, a blockchain is decentralized, so there is no single authority that can approve the transactions or set specific rules to have transactions accepted. “That means there’s a huge amount of trust involved (in blockchain), since all the participants in the network have to reach a consensus to accept transactions,” Banafa explains. “Most importantly, it’s secure. The database can only be extended and previous records cannot be changed—(or), at least, there’s a very high cost if someone wants to alter previous records.”
As IoT technology continues to evolve at a rapid pace and as consumers and businesses embrace the game-changing potential of the Internet of Things for their lives and businesses, security technologies will support and enable this growth. And that, Banafa says, is exactly why the IoT needs blockchain technology. “If you need security, you need blockchain,” he states. “In 2018, increased interest in blockchain technology will make the convergence of blockchain and IoT devices and services the next logical step for manufacturers and vendors, and many will compete for labels like Blockchain Certified.”
And yet, for this to happen, SAP’s Perez says blockchain will need to be widely accepted and adopted not only as a technology but also as an integral part of business processes across companies, industries, and globally. “Blockchain is a new and game-changing technology,” Perez says. “(But) for blockchain to have a global impact, it needs to (be) adopted by the business community across governments and private companies. (Also,) blockchain as an immutable and secure technology becomes irrelevant if the data that goes into the distributed ledger is not accurate. Thus, the industry needs to ensure we are putting the right elements in place to safeguard from inaccurate information being stored in blockchain … ensuring that the data going into any blockchain scenario from any IoT device/sensor is accurate and not compromised.”
“If you need security, you need blockchain.” –Ahmed Banafa, San Jose State University
Predictive Maintenance for All
Predictive maintenance has the power to significantly increase uptime for companies as well as save in energy costs. These savings, combined with additional benefits, can cause 13% reductions in the overall budget. Despite all these benefits, Saar Yoskovitz, CEO and cofounder, Augury, says 88% of companies do not leverage predictive maintenance practices. Yoskovitz postulates that startup costs are a big turn off for most manufacturers and explains how his company is working toward cutting those costs so that more companies can adopt these best practices. He goes on to speak about the importance of data security when it comes to new technologies and why companies shouldn’t let their security concerns curb their implementation of new tech.
Thanks to the popularity of cryptocurrencies like Bitcoin, blockchain is being talked about in more circles than just the technology community. For instance, Perez says business executives have been engaged in discussions and evaluations of blockchain from its early phases. “As such, blockchain is evolving and maturing quickly on both the technology and business (sides),” he says. “This is having an immediate impact on the adoption of blockchain, as the business owners’ input, involvement, and sponsorship is already in place.”
With the advent of every groundbreaking new technology, NIST’s Megas says there is the phase during which everyone tries to apply it to every problem imaginable. The same is happening with blockchain, but, eventually, she says the technology will find its place. As IoT adoption expands in the coming years, the industry’s ability to provide security solutions will be a lynchpin for this growth. Blockchain technology may offer new hope for IoT security—technology that will go a long way in protecting the data and devices responsible for improving lives and businesses across the globe.