The Wi-SUN Alliance’s Journey to IoT Maturity report was published in 2022. It highlighted security as one of the top three barriers to IoT adoption for IT decision-makers in the UK and US across a wide range of industries. Phil Beecher, CEO and President of Wi-SUN Alliance, looks at ongoing concerns around security and data privacy.
At its core, the Internet of Things (IoT) offers opportunities to monitor and control real-world objects. It blurs the lines between the digital and physical worlds to unlock new streams of data. These can be used to unlock transformative insights.
During the pandemic, we saw many industries more actively embracing IoT. From air quality monitoring sensors being implemented in smart buildings to the healthcare market using IoT-connected devices to create tailored treatment plans for patients, these technologies have helped to overcome major hurdles during an incredibly challenging period.
As a result, both confidence in and understanding of IoT has improved dramatically.
Having first published a ‘state of the nation’ report looking at IoT back in 2017, a subsequent 2022 survey of 300 IT decision makers from UK and US IoT adopters has enabled an interesting comparison. Critically, we are able to see how perspectives and adoption patterns among smart cities, smart utilities and industrial IoT customers have changed in the last five years in our latest report, Journey to IoT Maturity, published in 2022.
Without question, the market has gathered momentum during this period. Indeed, the latest survey shows that over 90% of respondents recognise they must invest more in IoT within the next 12 months to remain competitive as the market continues to evolve.
Further, it also seems that those core concerns creating uncertainty have eased considerably in the last half decade. For instance, respondents ranking security as one of their top three challenges when rolling out IoT fell from 58% in 2017 to 24% in 2022.
The IoT threat landscape
This shift in security sentiment is particularly interesting considering the current threat landscape.
Industry reports suggest that IoT devices are being subjected to a growing number of cyber threats. These typically result in the theft of confidential data, the launch of DDoS attacks, and more.
The most infamous of these is Mirai. This is IoT-specific malware dating back as far as 2016. Malicious actors typically use it to compromise connected devices like routers and launch attacks on websites and networks of targets, such as manufacturing systems and critical national infrastructure.
These threats have become particularly prevalent in the energy sector.
Right now, concerns are high among policy makers and industry leaders because of major economic and geopolitical turmoil. It includes incidents such as the war in Ukraine that is putting energy supplies at risk. So much so, that the U.S. Government Accountability Office (GAO) recently stated that, “nations and criminal groups pose the most significant cyber threats to US critical infrastructure, according to the Director of National Intelligence’s 2022 Annual Threat Assessment. These threat actors are increasingly capable of attacking the grid”.
The energy sector faces a growing number of cyberattacks. Many of these are aimed at ageing SCADA systems and an increasingly interconnected energy infrastructure. It provides opportunities for threat actors to access systems and disrupt operations.
The current threat outlook has naturally placed the spotlight on the need to protect critical infrastructure, and smart networks and devices that utilities networks are increasingly reliant upon.
In a recent poll conducted by Wi-SUN Alliance among senior professionals at US utility companies, more than three-quarters of respondents say that energy security will be among the most exciting smart/IoT technology developments over the next 12 months. This is considered more exciting than the development of smart buildings and infrastructure, weather and climate related solutions, and disaster management systems.
Growing concerns over data privacy
Looking at the sentiment in both of our IoT state of the nation reports, both progress and optimism shine through when it comes to IoT security. However, it is interesting to see that concerns around data privacy appear to be growing.
In our 2022 study, data privacy regulation was the second highest (political, economic, or social) challenge. More than a third of respondents (36%) placed it in their top three.
Further, concerns surrounding big data have also increased over the last five years. 19% of respondents (up from 11% in 2017) now place it in their top three IoT rollout challenges. Most IoT initiatives, from smart metering to smart city rollouts like streetlights and traffic systems, rely on large quantities of data. While this information may be captured and stored securely, there are still challenges.
Of course, the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and other privacy regulations have come into force since our first report in 2017. These have possibly driven up these concerns. But with stricter data protection laws come greater pressures for organisations and city developers to protect sensitive data and understand the consequences should they fail to do so.
Managing large volumes of data is technically difficult. This is especially true when regulators interpret the data used by many IoT systems as sensitive personal information. Those that fail to do so effectively risk running into compliance issues that can result in financial penalties and reputational damage.
Despite the progress that has been made, both security and data privacy must be core to the development, design and implementation of IoT projects. Get these right, and the potential benefits that smart systems can deliver are huge.
Click to read the full Wi-SUN Alliance report
Wi-SUN Alliance is a global non-profit member-based association made up of industry leading companies. Its mission is to drive the global proliferation of interoperable wireless solutions for use in smart cities, smart grids and other Internet of Things (IoT) applications using open global standards from organizations, such as IEEE, IETF, TIA, TTC and ETSI. With 300 members worldwide, membership of the Wi-SUN Alliance is open to all industry stakeholders and includes silicon vendors, product vendors, services providers, utilities, universities, enterprises and municipalities and local government organisations. For more information, visit: www.wi-sun.org.