internet of thingsThere are billions and billions of devices connected to the Internet right now. More devices than people, in fact. The IoT has empowered us in many ways: from helping us track our health and fitness progress through connected watches and bathroom scales, to bringing proactive maintenance and automation to manufacturing.

Each of these opportunities brings big potential profits to any company that learns to harness them, in the form of greater productivity and profitability and better access to useful data. But each one also represents a major possible point of entry anytime its users don’t take security seriously. And, sometimes, even when they do.

IoT and big data are actively driving the future of cybersecurity — both the risks and a host of new tools to fight them off.

00Intro

The Further Blending of Hardware and Software

Cybersecurity requires diligence and good habits — and even better hardware and software. One of the most tangible ways big data and the IoT have left their mark on cybersecurity, and how we protect ourselves and our businesses, has to do with the increasingly large overlap between hardware and software.

What do we mean? It’s like taking your car in for an oil change and finding out it needs a software update while you’re there. Likewise, as connected devices and infrastructure like fire alarms, light controls, industrial equipment, etc., become more and more a part of our networks and systems, we’ll have to get more comfortable with planning for future updates. Literally, it means wiring up something as innocuous — but potentially life-saving — as a connected fire alarm to electricity and Internet access.

To put it another way, “over-the-air” software updates could mean the difference between uninterrupted productivity and finding yourself the victim of an already-patched security exploit, like what happened during the WannaCry ransomware attack.

The Necessary Automation of Some Security Processes

To hear the experts tell it, the nature of today’s and tomorrow’s sophisticated, connected, always-on facilities means even modestly sized companies can see up to 200,000 security “events” in an average day. A security event could be something as simple as multiple incorrect password entries for a particular user. But even something that commonplace takes up IT personnel, time and resources to resolve.

Things get even more complicated the larger you scale. For some of IBM’s bigger security contracts, companies that operate globally can see literally billions of security events per day.

Suffice it to say, as companies everywhere in the world increase their productivity and profitability by seeking out connected equipment and service solutions, our collective “attack surface” grows larger by the day — and so does the potential for cyberattacks and other unscrupulousness.

Thankfully, machine learning and other forms of automation will take some of the burden off our IT departments by recognizing some of the more mundane types of security events and handling them in a way that doesn’t pull engineers away from their work. As of this writing, up to 39 percent of corporations have already implemented some kind of automation in handling everyday security events.

New Ways to Prevent Data Theft

So far, we’ve focused a lot on the ways IoT and big data introduce complexity and new types of threats into our companies and workflows. But it’s worth mentioning how these advancing technologies are helping us develop new strategies for balancing the convenience of the cloud with security robustness.

For example, even as companies grow more dependent on their omnipresent cloud data to keep their processes and facilities agile, the companies providing these services, and some of the accompanying security tools, have had to redress how they handle theft prevention and active breaches.

In many cases, as a result, industrial big data systems and shared network resources sometimes come with what’s most easily called “data fingerprinting” in the form of hidden log files in company directories. Big data tools like these make it possible to track intruders and misplaced data in real time, to gather information about security events and cyberattackers, and to generally mount a response quicker and avoid an even worse problem in the future.

In this way, the proliferation of connected and cloud-based technologies is a double-edged sword. For every useful tool, there’s an exploit. And for every exploit, there’s a way to defeat it — for the right price. And that brings us to the final sea change big data and the IoT are bringing to industrial-scale and small business cybersecurity.

Bigger Spending on Cybersecurity Hardening

Every company in the world that conducts any portion of their business digitally is going to become somebody’s cybersecurity client, or have to hire or consult with a contractor. In 2017, the Identity Theft Resource Center predicted the world of industry and commerce would experience 39 percent more cyberattacks than the previous year.

As a result, companies will probably spend $93 billion per year on defending themselves throughout 2018. That likely means you, too, if you own or speak for a small or medium-sized business that relies on digital infrastructure to sell, manufacture or move something.

The Better Business Bureau is just one resource that’s helping educate small business owners on cybersecurity and clearing up some stubborn misconceptions. One of these is the idea that spending more money necessarily means a safer company. According to the BBB’s cybersecurity report, there is a clear point of diminishing returns.

Nevertheless, it’s clear even small businesses in the near and distant future will have to take IT and security spending seriously. Estimates wouldn’t be helpful without some information to go on about your business, but consider the inverse: What you’re preparing yourself to defend against, and ideally prevent, is a loss of profitable data. For small businesses, the cost of a data breach could be the current average of $2,000, or as high as $1 million.

The point is, while all business entities will have to start spending, or start spending a little more, the cost-benefit analysis works out in our favor. There is a great deal of potential in decentralized technologies like blockchain, but for the time being, we all share in the productivity and convenience benefits of cloud computing, IoT and big data — and for better and worse, we all take part in helping develop new security solutions, and, eventually, brand-new technologies.

The post is by Nathan Sykes is a business writer with a passion for tech and IT. To see more posts by Nathan, you can read his blog, Finding An Outlet, or follow him on Twitter.