July 27, 2017


There’s no question that the Internet of Things (IoT) has the potential to dramatically transform how people across the globe live and work. Tech research firm Gartner says that by 2020 there will be 20.4 billion connected devices worldwide. And according to global management consulting firm The Boston Consulting Group (BCG), companies plan to spend roughly $280 billion on IoT in 2020.

Michael Daniel, cybersecurity advisor to former President Barack Obama and president of the Cyber Threat Alliance, says:

Cyberspace is expanding on a daily basis. It’s the only environment that’s actually getting larger, with an estimated 5-10 million devices per day being added—the stakes have gotten higher.

Hyperconnectivity brings a host of business opportunities including greater innovation, collaboration, and communication. With IoT-enabled predictive maintenance, for example, major industries can now anticipate problems in real time, and in some cases, fix issues remotely helping streamline workflow and staffing processes.

While IoT heralds great access to data on-demand, mobility, productivity, and other benefits, those same prospects open companies up to significant disruption and risks to privacy, reliability, and device support. It also raises the question of how best to manage, mine, and secure an overwhelming volume of data.

As IoT flourishes, industries across the board will be targeted by cybercriminals, with security breaches, stolen data, and unlawful surveillance among the ever-present risks. The New York Times has gone so far as to refer to IoT as a “weapon of mass disruption,” with IoT cyber threats representing a “new era of vulnerabilities confronting a highly connected society.”

According to Theresa Payton, president and CEO of Fortalice and former White House chief information officer, there are three primary rules for IoT that are easy to implement and can make the difference between a catastrophic event and a blip on your radar:

  1. You must have a kill switch for anything that is connected to the internet to provide a privacy safety net and to ensure that you can secure your data.
  2. Make sure that your safety and security team work directly with your innovation and design teams—security and innovation must be equal.
  3. Ensure that you segment—loosely couple systems in a way that makes sense for your organization, so that if one system is compromised, your entire organization isn’t at risk.

In the world of financial services, Accenture Consulting’s Financial Services Change Survey 2017 revealed that IoT ranked among the top digital technologies targeted for change investment. Nate Fick, CEO of cybersecurity company Endgame and leading adviser on next generation cyberattacks, says:

There are industry sectors that have high exposure, and those that have low exposure—determined by whether the industry is based more on informational technology or operational technology. Industries based on informational technology are typically low exposure and software-based—these include more highly regulated industries like financial services.” He also states that “The financial services sector is not intrinsically linked to many kinds of computer devices.

And it appears that more consumers are willing to adopt technology and use devices that are IoT-enabled, like payment systems. In conjunction with, VISA released a study that revealed more than 80% of Americans are interested in making purchases via connected devices, with speed, convenience, financial security, and trust among top consumer concerns. IoT also helps banks gather customer-generated data and use the information to further personalize service in real time.

The energy industry uses IoT to optimize supply and demand and “balance energy usage across the grid and reduce energy costs,” according to BCG, through remote monitoring and controlling of distributed energy and storage:

The use of IoT in operational technology makes energy and manufacturing prime examples of high exposure industries,” adds Fick. Consumers are already using IoT to remotely monitor and control appliance energy consumption—and their energy bills. And with demand response programs, customers are incentivized to cut back on energy-hogging appliance use and other utilities during peak demand periods to “reduce supply and demand volatility.

The hospitality industry also leverages IoT to reduce costs and improve efficiency. Oracle’s Hotel 2025 and Restaurant 2025 reports detail future innovations from wearable devices that monitor staff activity to voice-activated experiences and energy conservation automation. Data and guest security are among the top IoT-related concerns for the hospitality industry, with reservation systems, electronic room locks, mobile room keys, and other IoT devices vulnerable to cybercriminals.

In health care, IoT has changed how physicians deliver care. Real time location systems are one example of how interconnectedness helps improve customer service by allowing families to monitor the real time progress of a patient’s surgery. With health care forecasted to be one of the fastest IoT spending growth industries, it is already seeing some of the most surprising innovations like smart baby clothes that monitor heart rate and oxygen levels. In contrast, privacy, security, and authentication remain top concerns. As IoT health devices, wearables, mobile apps, and telehealth services increase, so will the need to find solutions to secure sensitive, at-risk patient data.

Fick says, “No business wins on good cybersecurity—but organizations can lose big on bad cybersecurity. Industries have the potential of banding together with technology companies to proactively build better software and improve on the patching process. Organizations need to hold vendors feet to the fire.”

“Solutions are not only about organizations throwing more financial resources against securing these interconnected systems but relooking at organizational strategies, such as how your business is best prepared for all of your cyber needs,” says Daniel. He also adds, “This approach can include ensuring senior management’s involvement in making decisions about the organization’s cybersecurity posture and treating the topic as more than an IT issue. Regular backup of data to ensure recovery capabilities is also critical.”

From fitness wristbands and voice-command speakers to smart cities and sensor-packed locomotives, many are describing IoT as the next Industrial Revolution. What is certain though is that cybersecurity will remain at the forefront for every sector tackling new risks as they unfold and taking advantage of the infinite opportunities and markets opened by IoT.