Many people scoffed in January 2014 when Cisco CEO John Chambers pegged the “Internet of Everything” as a potential $17 trillion market, five to 10 times more impactful on society than the Internet itself. Two years later, it seems that Chambers’ prediction for the phenomenon more commonly known as the Internet of Things (IoT) could be on the conservative side.
There’s no question that IoT is ushering in a new era of innovation, connecting the digital and machine worlds to bring greater speed and efficiency to diverse sectors, including automotive, aviation, energy and healthcare subscription management video. But with sensitive data increasingly accessible online — and more endpoints open to attackers — businesses are quickly realizing that security cannot be an afterthought.
The bad news is that they’re relying on the same solutions that have failed in the past — and which continue to fail. Created four decades ago to secure communications between two human parties, Public Key Infrastructure (PKI) was never designed to handle the complexity of managing 50 billion devices on industrial-scale networks.
McKinsey estimates that the cost of ineffective cybersecurity will rise to $3 trillion by 2020. Given that the number of connected devices is predicted to reach 20.8 billion by 2020, there’s an urgent need to fundamentally rethink security for an always connected, high-volume, decentralized world of machines.
Data has an entire lifetime
Bruce Schneier observed that throughout the 1990s, everyone was focused on data in motion — communication between two parties — when they should have focused on data at rest. Emphasis on the former is a major reason modern security continues to fail. We need to consider data throughout its entire lifetime, not just secure transmission between devices, which becomes meaningless if the device itself is