Internet of Things: Data Integrity – not Confidentiality – is paramount

For the past few years, an amount of hype has been developing around the Internet of Thing as the technology finally seems to be ready for take-off – allowing for both the gathering and analysis of an unprecedented amount of data.

In this context, many people are rightfully concerned about the ubiquitous collection of their personal and sometimes confidential data in central databases which, as recent history shows, are still very much prone to hacking and leaking.

The development and increasing sophistication of machine learning and artificial intelligence now allows more and more IoT devices to become fully autonomous – moving from merely sensing to doing. Smart objects are now able not only to collect data but also to analyse it in order to adapt their behaviour further down the line – with close to no human input or involvement.

An ever-greater part of our daily lives is and will be delegated to these independent agents – from our homes’ heating systems to our cities’ traffic lights.

So far, data security has not been the main concern of IoT products manufacturers. Indeed, when faced with a choice between convenience and security for users, manufacturers almost always choose convenience. As a result, most devices are notably easy to hack as many viral videos have been pointing out. However, IoT devices are no longer those geeky, often hilariously useless gadgets anymore. As the technology is making its way into the mainstream and as we delegate an ever-increasing part of our daily lives to the IoT, security cannot be an afterthought anymore. Those very same hacks that amuse us today could well turn out to have deeply frightening implications.

As our surroundings are shifting from sensing to doing, it is critical that they be able to rely on accurate data in order to behave in an expected and desired way.

Here lies the new paradigm for IoT security: The biggest risk to these systems is not the stealing of the confidential attribute of the collected data, but rather an attack to its integrity. Corrupting the data on which an object relies could cause it to act in many dangerous ways.

Hurtful applications are endless – from making drone or commercial planes crash to remotely control our home appliances or medical devices. Terrorists would find great opportunities to cause widespread mayhem by turning our everyday surroundings against us – for example turning all traffic lights to red in order to engineer traffic havoc and keep the police and emergency workers away from the place of an attack.

Meanwhile, on a parallel path, the Blockchain technology has been gaining momentum and might well be one of the solutions to the IoT integrity risk.

Decentralised verification mechanisms can indeed ensure the veracity of all collected data, waiving the need for a central yet vulnerable authority and making it impossible for one single node to trick the whole system. This “Ledger of Things” is one of the most exciting applications of the Blockchain technology, as it could drive the IoT into the mainstream while keeping it on a safe path.

But will it scale up fast enough in order to drive the safe development of the IoT instead of running after it?  This is a crucial challenge and the technology industry has the responsibility to lead in this process.

 

Corix Partners is a Boutique Management Consultancy Firm, focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation & Governance challenges.

(Linkedin articles are written in collaboration with Vincent Viers)

Arrange a Conversation 

Browse

Article by channel:

Read more articles tagged: Featured, Internet of Things

Enabling Technologies