Stepping up defenses against cyber attacks as IoT demands grow

In what is expected to be a steady series of steps to combat cyber attacks, the GSM Association recently released guidelines to address the looming security problems that could result from the growing Internet of Things (IoT) trend.

The guidelines could go a long way in governing how well so-called smart devices are designed and implemented to protect against breaches.

Stepping up defenses against cyber attacks as IoT demands growThe GSMA, which is an association representing mobile operators, said the guidelines are designed to promote secure IoT development and deployment. The report, which already have been backed by major carriers like AT&T and Verizon, outline advice for addressing data privacy issues as well as general security threats as more and more companies release IoT products that rely on data.

There’s reason for concern. The IoT market is growing at an exceedingly fast pace. Many researchers are predicting that the number of Internet-connected products could surpass the 50 billion mark by 2020 — up from 4.9 billion connected things in 2015.

At the same time, cyber attacks and data breaches are increasing at an alarming rate. Another report revealed that the U.S. Department of Homeland Security investigations of cyber attacks involving the manufacturing sector alone nearly doubled in one year, while other companies and individuals continue to see a rise in cyber threats.

The new GSMA guidelines are designed to address those two converging trends. Increased interest in IoT things, along with an upswing in cyber attacks.

The document reads in part: “Almost all IoT services are built using endpoint device and service platform components that contain similar technologies to many other communications, computing and IT solutions. In addition to this, the threats these different services face, and the potential solutions to mitigate these threats, are usually very similar, even if the attacker’s motivation and the impact of successful security breaches may vary.”

The guidelines has requirements for cryptography, APIs to the security model, signed application images and application rollback.

With these security recommendations set forth as a standard, vendors who don’t abide by them could risk being rejected by carriers. The areas covered under the guidelines include telecommunication carriers, service operators, and device manufacturers.

“As billions of devices become connected in the Internet of Things, offering innovative and interconnected new services, the possibility of potential vulnerabilities increases,” GSMA chief technology officer Alex Sinclair said. “These can be overcome if the end-to-end security of an IoT service is carefully considered by the service provider when designing their service and an appropriate mitigating technology is deployed. A proven and robust approach to security will create trusted, reliable services that scale as the market grows.”

Lifeline Data Centers, which provide colocation solutions in the Midwest, is provides clients in various industries with secure and quality data center solutions. Contact us to find out how we can meet your data center needs.

Schedule a Tour

Other resources:

Rich Banta

Rich Banta

Managing Member at Lifeline Data Centers
Rich is responsible for Compliance and Certifications, Data Center Operations, Information Technology, and Client Concierge Services. Rich has an extensive background in server and network management, large scale wide-area networks, storage, business continuity, and monitoring. Rich is a former CTO of a major health care system. Rich is hands-on every day in the data centers. He also holds many certifications, including: CISA – Certified Information Systems Auditor CRISC – Certified in Risk & Information Systems Management CDCE – Certified Data Center Expert CDCDP – Certified Data Center Design Professional
Rich Banta