The Internet of Things is one of the fastest growing technologies in social and business contexts due to its adaptability in different use cases. However, as IoT continues to play a larger role in different aspects of modern life, cybersecurity concerns continue to increase (Abomhara & Koien, 2015). The industry has not had time to mature, develop standards, and best practices to increase the security of IoT devices and services against existing and emerging cybersecurity threats. For instance, Lee (2020) conducted a survey, where they discovered that 80% of organizations with IoT related operations experienced cyberattacks to their devices and services in the last 12 months. Of these, 35% had an IoT security strategy, but only 28% has implemented it (Lee, 2020). If businesses and enterprises are to take cybersecurity risks to IoT devices and services seriously, they need to understand the key problems.
As an emerging technology, the IoT industry is facing different challenges. For instance, the lack of industry standards and best practices that help mitigate cybersecurity risks is a major challenge (Lu and Xu, 2018). However, that is indicative of unresolved issues around data confidentiality, privacy, and trust in the IoT context (Abomhara & Koien, 2015). As an example, laws like Health Insurance Portability and Accountability Act (HIPAA) have provisions to ensure that the confidentiality of patient data is ensured. In the case of medical devices, especially wearables and telehealth systems, confidentiality can be ensured by using access control and authorization systems as well as identity management mechanisms (Abomhara & Koein, 2015). In this case, authorization will help identify individuals or devices that are permitted to access or store data. Access control mechanisms, on the other hand, is useful in granting or denying access to different individuals, such as giving a physician access to patient data stored in the IoT device but denying access to a nurse who is not part of the patient’s care coordination team.
Delegate your assignment to our experts and they will do the rest.
Privacy is another cybersecurity concern for IoT devices and services. After all, the nature of the infrastructure is to connect different entities over the internet, through potentially insecure connections, or in private data links in local networks. Most IoT devices transmit and receive data wirelessly. As a result, sniffers and man in the middle attacks deserve serious consideration ( Cekerevac et al., 2017) . Similarly, trust is a critical cybersecurity issue in the IoT context. Abomhara & Koein (2015) consider the trust issue from two dimensions. First, the interactions, such as information exchange between IoT devices and services, need to be trusted. Secondly, the users need to trust the devices and the systems. In other words, trust in the IoT context implies trusting the hardware and software resources that make up the devices and services. As the IoT market continues to expand, different device manufacturers and service providers will try to diversify the market to meet their needs. As a result, it will be difficult to implement industry standards and universal best practices, thus delaying the implementation of cybersecurity mitigation strategies.
In conclusion, resolving the key cybersecurity challenges facing the IoT industry requires a deep understanding of their causative factors. Three key challenges discussed above are data confidentiality, privacy, and trust in the IoT ecosystem. There are different solutions available. However, the creation and implementation of widely accepted industry standards will help solve most of the key challenge. For instance, it would be difficult for users to trust devices with components from different manufacturers. However, if the IoT device is compliant with established industry standards, its use will be higher as the users trust the standards.
References
Abomhara, M., & Køien, G. M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility , 65-88.
Cekerevac, Z., Dvorak, Z., Prigoda, L., & Cekerevac, P. (2017). Internet of things and the man-in-the-middle attacks–security and economic risks. MEST Journal , 5 (2), 15-25.
Lee, I. (2020). Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management. Future Internet , 12 (9), 157.
Lu, Y., & Da Xu, L. (2018). Internet of Things (IoT) cybersecurity research: A review of current research topics. IEEE Internet of Things Journal , 6 (2), 2103-2115.
