Posts tagged security

Will utilities drive IoT security market growth?

iStock_000079839049_Small

Utilities will be among the sectors rushing to keep their fast-growing Internet of Things (IoT) systems safe from hackers will drive growth in the IoT security market by 55% between 2016 and 2020, according to a new study.

The report by MarketResearchReports.biz entitled “Global Internet of Things Security Market 2016-2020” found that IoT security will be driven by such end-use industries as automotive, healthcare – and especially utilities. It predicted a compound annual growth rate of 55.01% over the period.

“During the forecast period, the utilities sector is expected to drive the demand from the market with highest adoption of IoT security solutions,” the report media release stated. “Extensive implementation of smart meters and IoT for utility management systems such as gas, energy, water, and oil will contribute towards the growth of the market.”

This report follows a recent Gartner study that found similarly impressive growth prospects in the world of IoT security. Gartner predicted worldwide expenditures on IoT security will grow by 24% this year to $348 million, then grow to $547 million in 2018 and to $841 million in 2020.

Sensor tech propelling growth but also security concerns

The report sees recent advances in sensor technology propelling global IoT security market growth, which will lead to increased IoT security adoption in the future.

“However, high total cost of ownership of IoT security solutions will negatively impact the growth of the market during the forecast period,” said the report. “The emergence of integrated security solutions will open new opportunities for the market in the near future.”

In the report many of the key vendors in the worldwide IoT security space were profiled. These included: Nokia, NetComm Wireless, Palo Alto Networks, Cisco Systems, Intel, Broadcom, Sierra Wireless, Secure Crossing, Systech Solutions, Sophos, IBM, Gemalto, Kore Wireless, Numerex, Rockwell Automation, Symantec, Infineon Technologies, Axeda Machine Cloud, Fortinet, Eurotech, Tofino, Ventus Wireless, Digi International, Ericsson and Telit.

The geographic scope of the report covered such regions as: the Americas; Europe, the Middle East and Africa; and the Asia Pacific region.

The post Will utilities drive IoT security market growth? appeared first on ReadWrite.

View full post on ReadWrite

Will utilities will drive IoT security market growth?

iStock_000079839049_Small

Utilities will be among the sectors rushing to keep their fast-growing Internet of Things (IoT) systems safe from hackers will drive growth in the IoT security market by 55% between 2016 and 2020, according to a new study.

The report by MarketResearchReports.biz entitled “Global Internet of Things Security Market 2016-2020” found that IoT security will be driven by such end-use industries as automotive, healthcare – and especially utilities. It predicted a compound annual growth rate of 55.01% over the period.

“During the forecast period, the utilities sector is expected to drive the demand from the market with highest adoption of IoT security solutions,” the report media release stated. “Extensive implementation of smart meters and IoT for utility management systems such as gas, energy, water, and oil will contribute towards the growth of the market.”

This report follows a recent Gartner study that found similarly impressive growth prospects in the world of IoT security. Gartner predicted worldwide expenditures on IoT security will grow by 24% this year to $348 million, then grow to $547 million in 2018 and to $841 million in 2020.

Sensor tech propelling growth but also security concerns

The report sees recent advances in sensor technology propelling global IoT security market growth, which will lead to increased IoT security adoption in the future.

“However, high total cost of ownership of IoT security solutions will negatively impact the growth of the market during the forecast period,” said the report. “The emergence of integrated security solutions will open new opportunities for the market in the near future.”

In the report many of the key vendors in the worldwide IoT security space were profiled. These included: Nokia, NetComm Wireless, Palo Alto Networks, Cisco Systems, Intel, Broadcom, Sierra Wireless, Secure Crossing, Systech Solutions, Sophos, IBM, Gemalto, Kore Wireless, Numerex, Rockwell Automation, Symantec, Infineon Technologies, Axeda Machine Cloud, Fortinet, Eurotech, Tofino, Ventus Wireless, Digi International, Ericsson and Telit.

The geographic scope of the report covered such regions as: the Americas; Europe, the Middle East and Africa; and the Asia Pacific region.

The post Will utilities will drive IoT security market growth? appeared first on ReadWrite.

View full post on ReadWrite

The sorry state of IoT security (part two)

clock symbol on virtual screen with blue matrix

Hadi Nahari is the Vice President of Security and CTO at Brocade Systems. He also has been actively appearing on the convention trail trying to get the industry to sit up and take notice of the latest security issues, and how the Internet of Things (IoT) is making things even worse. This is the second part of a two-part series.

ReadWrite: We had a great interview couple of weeks ago that came out of the Structure Conference talking about the difference between data in motion and data at rest and that the complexity has two axes. It’s latency versus processing power, and where you drop that cognitive processing. Do you put it on the edge, do you put it on the device, do you break it down and all of that has security implications.

HN : Yeah, the common paradigm of networking is should we do things ahead of time and then go in and focus on data that they have in motion. I think that many of these, and I’m not implying that they’re bad or outdated or ineffective, many of these are old paradigms which were good constructs. They were good tools to think frameworks to reason about a problem in the old days. But because of  the scale of our systems and also because of the amount of data that is generated. We have to really shift our paradigm of thinking about the problem not just focusing on the solution.

Hadi Nahari, VP, Security for Brocade

Hadi Nahari

What I’m trying to get across is those are good tools for a constrained set of problems. This is the way we thought about security: you define the assets, you define the processing points, you define the flow and data, you identify what’s at risk, what’s in motion. And then you make an assumption as to the security the demands are based on, governed by whether something is at risk or in motion. You go ahead and provide tools and guidelines and you put in place a certification and validation scheme, and then you can reason if something is secure or something is breached or not.

What used to work doesn’t work anymore

Those worked for a long time, and ironically I’m more surprised that they worked for that long but the point is it’s less surprising that it is broke and more surprising that I’ve worked for such a long time. I think IoT is one use case where the cracking is showing a lot better, its sheer complexity that we have. Now, I’m going back to the actual data where it makes sense and which part is the processing point. Realistically, the boundaries were not really real, the boundaries of whether it makes better sense to process something in the endpoint or backend for security reasons or such. 

Things that used to be an endpoint or a backend are themselves also shifting. In addition to the amount of data, in addition to the  amount of storage, that’s in addition to the complexity of us being able to process this data and that’s in addition to what are the security ramifications of this.

For instance, being able to perform predictive additional analytics so that your system learns what  word you’re going to type in a text would have required your key punches going back to Google, and Google’s big machine learning brain processing to learn about it and then pushing to your Android phone in your hand. So it would require a lot of network interaction because the computing power required for doing things like that would be really huge. Right now, not all of it is happening on your phone, but on your phone in your hand, you already have a system that has the basics of doing these things in a very small scale or at least do part of it with computing power which is becoming every day more and more powerful, so its capabilities are more and more local.

We are kind of free falling in a world with multi-dimensional things changing and we’re trying to kind of simplify it by some of the rules that we know from the past that worked when we were just walking in a two-dimensional world but right now we’re in a 20 dimensional world and we just understand the two-dimensional world and no wonder we’re kind of confused a little, like chickens running with our hairs on fire. Whoever doesn’t realize just how dire our security situation is, is really not understanding how our security or the lack thereof is. 

At the RSA Conference this year, Nahari asked is IoT will overwhelm security

At the RSA Conference this year, Nahari asked is IoT will overwhelm security

 

RW: let me ask you this a different way, what are you looking forward to, what looks like really cool or promising in all this doom. What are you really excited about in this going forward?

HN: I do think right now we’re in such a shitty situation in the security field. There are some who are already hoping that they could just have a back door and apply their old little world techniques into prying into data and solve the security problem and solve a crime. And the only thing distracting them is encryption and if only if they could just open it and have a back door life would be good, everything would be solved and everything would be back to good old days.  I mean that just on its own really sad.

I think if we stick with our two-dimensional world approach to a hundred dimensional world of reality and problem, it’s already just doomed. I mean, we got much more security companies than you had five years ago, and at the same time, you have much more successful breaches and incidents and attacks and data losses than five years ago. What does that tell you?

Shit’s not working so we have to stop thinking the same way\ when the world has changed and to their credit hackers are much more advanced, much more adaptable and much more structured, which is an amazing thing on its own. It’s a not completely a 100% organized system but they behave as if they’re completely coordinated and organized. They are not but it’s a wonderful case of studying how processes work in the hacker world. It’s driven by hyper-parameters and the security community is not. They are very much organized and centralized than  the “disciplined” world of security, things are not as organized and as efficient as the hackers.

So do I think everything is broken if we stick with the currently accepted framework? But I really think that we have an opportunity here and I see some small corners of action that are showing people are trying to look at the problem differently. They are not just thinking about different solutions. They’re trying to kind of identify and  parametrize and measure and size and define the problem differently and that to me is exciting in terms of thinking that it is  in terms of technology,

So I think this is going to take a couple of years but that whole new mentality is coming up  and coming from entities that are not well known in the security world. The security world has got a lot of well-established companies that are the epitome of innovators dilemma, they are so slow and so solid in thinking the same way over and over and over because there’s a lot of money because they don’t see that they’re losing their technology battle because they’re not losing money. The new entrants are really showing progress, so I’m positive that this is going to turn the tides. Right now we’re not there but I’m starting to see the signs.

The post The sorry state of IoT security (part two) appeared first on ReadWrite.

View full post on ReadWrite

The sorry state of IoT security (part one)

clock symbol on virtual screen with blue matrix

Hadi Nahari is the Vice President of Security and CTO at Brocade Systems. He also has been actively appearing on the convention trail trying to get the industry to sit up and take notice of the latest security issues, and how the Internet of Things (IoT) is making things even worse.

We sat down with Hadi for a far-ranging interview on the state of security in technology today. This is the first part of a two-part series.

Hadi Nahari: I’ve been doing security for a quarter century and I tell you, like seven years ago, I had to justify to people why I exist, why I’m alive and what purpose do I serve in the world. It was just that in the security view of the world, you kind of started your profession by accepting that things are broken. And it’s difficult to describe to people why things are broken and there was always the same kind of tools that people had, project managers had, managers had to kind of diss you that everything is theoretical and at the moment was okay.

So theoretically it could be done, but really show me the loss that we had. So we would go and try to assess  data that didn’t exist or if it existed, it wasn’t accessible. Right now, and I hesitate to say things to the hackers, but in a way, it’s ironically thanks to the hackers that I don’t need to go ahead and sweat that much. The problem has shifted and so okay, what can you do about it. 

Hadi Nahari, VP, Security for Brocade

                         Hadi Nahari

Now all of a sudden the same people have realized all of those trends are materializing and it’s not to say that yeah, it’s time to go back and tell them I told you, but the problem has shifted right now as to everyone wants a solution like now. And that’s a difficult problem for things that require monumental change so that’s one of the trends that is currently in this decade.

ReadWrite: And then you multiply that with IOT in the connected world where security is not just dependent on you, it’s dependent on your partners as well.

HN: Let’s say it’s an anchor, and this link is dropping one by one into the ocean from this ship and we’re all sinking together, and the ones who are on the ship are really happy that they haven’t dropped. And then you show them, look at that chain, it’s connected to your ankle and you’re going to drop in the water too. It’s a very rude awakening  if you will.

RW: Well, it’s like you do everything in terms of data and security hygiene and then your kid brings home the Wi-Fi Barbie and just blows the whole thing to pieces.

HN: Yes, so one of the fun parts of being in security in a kind of ironic way, is that it is dynamic and things like those happen. But I really believe the fundamental nature of data and security are going to change in this world and no else has got their arms around that yet. And there’s a great deal of focus on the marketing and solutions and business part, which is fine, I mean it’s okay to make money and solve a real problem, I cannot be against that.

There’s a lot of focus on unfortunately snake oil security, things that are not really security but kind of take advantage of the security fear. There’s a lot of focus on encryption, and things like that and really, it’s very confusing if one doesn’t know how to wrap their head around it. It gets very confusing so that’s my motivation to want to work with folks like yourselves who are trying to invest in this need and be able to provide something in the midst of all this confusion, and provide something tangible and useable to people.

At this year's RSA Conference, Nahari discussed IoT and security

At this year’s RSA Conference, Nahari discussed IoT and security

 

IoT not registering with security professionals

RW: What do you think it’s the biggest thing that is not getting through successfully right now?

HN: It’s difficult to pick one thing but the real concern that I have is the general public, sometimes even the technologists, think it’s just passing through them and they don’t see the immensity of this scale and complexity, to the rate that is becoming very, very, difficult to even reason about. Meaning, we all on average know gosh, someone said I don’t know the source but on average we all may come across 300 people in our lifetime and we know roughly like a hundred of people in our lifetime. We come across a very limited number of people but those smaller numbers of people are actually able to affect our opinion and our decisions.

The point here is, the same thing applies to our perception of the technology and our perception of some of the things such as security or lack thereof around us. We all have a very limited kind of sample to make our conclusion on decisions when it comes to security, when it comes to complexity, when it comes to technology around us. What concerns me is when you try to provide reason, data, justification, logic to people to say look, this is really a serious issue. People based on their limited exposure, limited approach have found ways to kind of justify, numb themselves and that’s coming from technologists. That is concerning, some of those people see it as job security but I’m concerned.

When I tell them that the systems are already past the level that you could reason that about them, let alone secure them, they say oh that’s theoretical. Oh, that’s nothing, you’re just bloating it because it is your field and you’re paranoid. We’re going to figure it out they say, and I think the immensity of the problem and the scale of the problem is passing the stage where we could really do something about it. I think it’s concerning.

The post The sorry state of IoT security (part one) appeared first on ReadWrite.

View full post on ReadWrite

Go to Top
Copyright © 1992-2016, DC2NET All rights reserved