Companies are spending billions to protect their networks as they move to the cloud. Bloomberg expects cybersecurity spending to exceed $200 billion a year by 2024, with network and endpoint security segments likely to see the most significant growth. The majority of that spending is dedicated to migrating from on-premises networks to cloud networks and the security challenges that come with that move. However, even with that gargantuan sum of money being spent by enterprises across the country, most businesses are still leaving their networks completely vulnerable as the hundreds of thousands of IoT devices situated on an organization’s network are serving as Trojan Horses for hackers.
In the last year, we’ve seen an abundance of IoT manufacturer hacks, such as ones at Sierra Wireless, Verkada, and Garmin, and there’s no sign of these attacks slowing down.
To put it simply, security is not a priority for Internet of Things device manufacturers. Manufacturers often lack the security expertise and the technical resources to integrate more sophisticated security protocols into their products. Many IoT devices implement new protocols, platforms, and solutions that have not been thoroughly vetted for security issues, resulting in vulnerable products. Luckily, Congress passed the IoT Cybersecurity Improvement Act late last year, which requires that any IoT device purchased with government money meets minimum security standards. While this bill focuses on IoT devices procured and used by the federal government, it’s a good set of guidelines for manufacturers that need to improve the security of their products. More stringent rules and requirements to govern IoT manufacturers will lead to fewer IoT security problems.
Organizations are bulking up existing tools to fend off attackers but are leaving their flanks exposed as IT teams do not have accurate records of their IoT devices. In other words, security executives are letting IoT security slip through the cracks.
Front Doors Unlocked
The average executive believes IoT devices make up 1% of their network; in reality, these devices actually make up about 43% of the access points. Gone are the days where PCs are your main concern. The compound annual growth rate (CAGR) for laptops is 0.3% growth, and the CAGR for IoT is 35.49% growth. With such a wide variety of IoT devices in the home and the office, it is easy to overlook the devices bad actors see as an opportunity in almost every vertical.
One reason that many devices are overlooked is that they fall outside the purview of the IT department and are completely absent from their radar. Most notably are cameras. Earlier this year, a hacker successfully exposed businesses, police departments, schools, jails, and hospitals by hacking into nearly 150,000 Verkada security cameras set to their default security settings. It set off a firestorm. Another easily overlooked device, essential both at home and in the office, is the printer. Because it’s easily connected over Wi-Fi, Bluetooth, etc., there are a significant amount of exposures, most with default credentials and thus vulnerabilities.
When devices are overlooked, they are not cared for. Out of 1 million customer IoT devices evaluated over the last year, 50 percent were found to have vulnerable firmware. Most were five to seven years behind on their updates, making them a straightforward target for hackers. Another 50 percent of those devices had default credentials, which are easily guessed then used by hackers to access the network. Regular patching, firmware updates, and credential changes are essential to basic security hygiene for all parts of the network and apply to devices.
To illustrate the depth of unknown device issues, an evaluation of more than 1 million customer IoT devices over the last year showed that 26 percent are end-of-life, meaning they are no longer supported. And, 18 percent of devices have critical vulnerabilities that would allow bad actors to take full remote control of them without using credentials. Without access to updates and no security fixes available, these devices need to come off the network or at the very least be segmented.
Out With the Old
Segmentation, the legacy approach to IoT device security, is no longer the most effective security measure available. Segmentation quarantines a device, or a group of devices, on a separate network, theoretically keeping insecure devices away from anything important. While segmentation alone is a solution, it is not a permanent one.
Even when segmented, insecure devices can still pose a threat through additional vector exposures, VLAN hopping malware, and other entry techniques. That’s why it’s also important to inoculate devices against vulnerability rather than segment them away.
Inoculation ensures that patches and firmware are up to date, credentials are rotated according to policy, and maybe most importantly, an accurate device inventory is kept that includes actionable data on device health.
It is impossible to secure every IoT device globally, but through automation, you can control your enterprise. By 2025, it is estimated that there will be over 55.7 billion IoT devices in the world. There can be hundreds, thousands, or even hundreds of thousands of vulnerable endpoints that bad actors can use to infiltrate the network within a single organization. Therefore, putting a plan to manage, monitor, and secure connected IoT environments is crucial.
It takes four hours per year to conduct basic security hygiene measures for a single IoT device. When you look at that en masse then multiply it by all IoT devices on an enterprise’s network, it becomes infeasible to secure all these devices by hand. Automating basic security hygiene measures, including inventory management, patching, and credential management, can help already overtaxed IT teams keep up with device sprawl. Automating IoT security is also cost-effective, enabling security teams to focus on more important matters and be better protected against attacks.
As IoT devices continue to increase their footprint, now fortified with the power of 5G, a deeper understanding of the IoT market and how organizations should approach IoT security is needed. As the world prepares for the estimated 55.7 million IoT devices to come online in the next four years, there should be an increased emphasis on stronger security measures built into devices and more proactive IoT security approaches taken by organizations.
Developing cellular IoT solutions is a complex dance that takes place inside what’s called a mobile core—effectively the “brain” of a mobile network.
Your wireless end users want a seamless customer experience. As builders of cellular IoT solutions, we know that a seemingly minor issue throughout the wireless network can threaten the viability of the entire IoT solution, disrupting that experience.
Which is why it’s critical for you to get to know a key component that can make or break your project: The mobile core.
In this whitepaper, you’ll learn more about:
The ways mobile cores can impact your IoT solution,
Key components of the “brain” of your mobile network and,
Differences between distributed IoT vs centralized mobile cores.
Kajeet offers a comprehensive secure wireless solution to enable your telemedicine and telehealth programs. Bring your application and we can provide all you need to take your solution to market and scale as you grow. Kajeet Connected Health is a highly secure and reliable solution to enable the successful delivery of these services anytime, anywhere to help strengthen caregiver–patient relationships, drive better patient outcomes, increase staff productivity and lower costs for healthcare providers.
Secure Connectivity. Access to private network integrations with cellular carriers for secure access to connectivity without data ever hitting the public internet.
HIPAA-Friendly Solution. Personal Identifiable Information (PII) is never collected or stored by Kajeet, making it HIPAA-friendly.
Simplified Management. Effortless control over embedded wireless connectivity, IoT networks, data, devices, and security from a centralized management console.
What’s Included In Kajeet’s Connected Health Solution:
End-User Devices. Fully kitted Samsung A11 or A12 Smartphone OR Samsung Galaxy Tab 8.4”
Kajeet’s Secure Wireless Network. Verizon data-only plan on Kajeet’s network at 500MB, 1GB, or 2GB per month
Device and Data Management Platform. Kajeet’s Sentinel platform for device and data management that includes real-time data usage, security and policy controls, and open APIs for easy integration
Fully Managed Services. Procurement and provisioning of devices, user profile configuration and ongoing mobile device management
Ongoing improvements to information technology (IT) have opened new opportunities for businesses to increase their revenue stream over the past few decades. These new areas of focus are altering business strategies, bringing IT to the forefront, and placing more responsibility on the role of the Chief Information Officer.
The Changing Role of IT
Over the years, IT has changed from an expensive new fad that businesses were forced to experiment with to a powerful business driver. IT continues to evolve, helping to grow revenue and shape business strategy. As a part of that evolution, the role of the Chief Information Officer has also changed.
Today’s CIO has a seat at the decision-making table, helping to develop strategies, draft policies, and increase revenue. This is occurring through a shift from IT as a cost center toward a creator of value. This shift utilizes digital transformation, leveraging big data, the cloud, and other hallmarks of IT to create novel business models that drive revenue and meet long-term goals while ensuring quality operations.
How IT Increases Revenue
IT is driving revenues for companies by providing tools to make the following innovative improvements:
Increased complex problem-solving: better hardware and smarter applications enable stronger information research and big data analysis, with resultant improvements to scalability planning.
Better decision-making abilities: Improved IT allows for solid market research through video conferencing, social media, online industry forums, and web-based surveys for consumer feedback. Powerful digital tools for analytics allows for data interpretation and stronger, more informed decision-making.
Improved marketing: Sales depend on reaching the right customer; predictive technology makes personalized marketing possible, and high-tech analytics provide feedback about the effectiveness of the marketing strategies, enabling real-time pricing shifts to maximize revenue.
Upgraded customer support: Complex and powerful customer relationship management systems help businesses support their customers through a variety of platforms, including emails, webinars, phone calls, and social media platforms.
Enhanced resource management: Cloud technology allows employees to access their enterprise-level software from any device in any location, improving productivity and, ultimately, the bottom line.
How IT Affects Corporate Strategy
Business strategies are shifting to maximize the revenue-driving power of IT. The revenue-generating CIO will consider the following strategic issues:
Capitalize on mobility: Cater to the continued mobile platform growth by increasing the value of mobile apps for customer service.
Embrace the Internet of Things (IoT): Employ data analytics to harness and utilize big data resulting from the IoT.
Actively collaborate: A key collaboration between the CIO, with expertise in information infrastructure, and the Chief Marketing Officer (CMO), with access to a bank of customer data, should focus on transforming big data into growth and revenue opportunities.
Experiment with Artificial Intelligence (AI): AI use can reduce cost and increase productivity, and its efficiency is growing exponentially stronger. As a revenue-generator, AI’s power analytics can be harnessed to turn big data into understandable and usable business information.
As technology continues to improve, the role of IT and, by extension, the role of the CIO will continue to evolve and become even more critical to business success. Cost-saving and improved productivity is not enough to provide strategic advantage anymore. A company that can harness and leverage. IT’s revenue-generating possibilities will see improved bottom lines well into the future.
It’s hard to believe that businesses that were fortunate enough to survive the pandemic are now facing another calamity. The labor shortage or wage shortage (depending on where you stand) could cripple the economic recovery efforts of the US as we head towards potential runaway inflation. The latest Consumer Price Index (CPI) is at 5 percent with no end to rising prices.
America’s Work Ethic
Do others around the world see Americans as lazy, entitled teenagers pining for a better allowance? As of May 3, the World Health Organization states that the US was leading other countries in vaccination rates, while other countries like India continue to suffer. Talk to business leaders around the globe, and they’ll find it laughable that America is now “held hostage” by low-skilled, low-wage workers.
Frustrated business owners are left to wonder why those sidelined during the pandemic aren’t rushing back to work. We are experiencing something historic that goes beyond “lazy and entitled Americans.” Three factors are driving the labor shortage as census data comes out:
Low labor force participation rate at 61.4%, according to a February report by the Bureau of Labor Statistics.
Covid did not cause the labor shortage; it did, however, accelerate it. There’s no simple one solution answer, such as raising the minimum wage to address these challenges.
It’s Not a Labor Shortage, It’s a Wage Shortage
Solve the labor shortage by raising the minimum wage to $15 per hour. Big corporations like Amazon, Costco, and Best Buy have taken steps to address this. However, most of America’s makeup is the small business owner who may not afford such a drastic increase in wages.
This philosophy (coming from heartfelt intentions) can hurt both the business and the worker. For example, a dishwasher making $10 per hour is now demanding $15 per hour. That’s a 50 percent increase. Being fair and equitable, that business owner will have to offer a 50 percent increase across the board. Now, the kitchen manager making $20 per hour will be asking for the same 50 percent increase at $30 per hour.
Other expenses for the business owner come with a significant wage increase, such as unemployment insurance, taxes, and worker’s comp. Businesses are now raising their prices triggering, massive inflation rates. As prices increase, many of these workers fighting for higher wages may not afford these products or services as the CPI continues to climb.
Bend, Don’t Break: AI-Driven Technologies to the Rescue
As a 50-year-old, I remember the Carter years – parents complaining about inflation and long gas lines. Back then, technological advancements weren’t available to help businesses. Artificial Intelligence, often defined as the ability for a computer to think and act like a human, has been democratized in recent years and can serve as a tool to help companies address acute labor shortages.
The labor uprising goes beyond just retail and restaurants. While we see AI-driven digital menus like iOrder, the landscape industry innovates with Graze, the AI-driven lawnmower. Both platforms help address the lack of available workers and improve margins decimated by rising labor costs. In 2017, McKinsey released a study that indicated that by 2030, 30 percent of jobs could be automated with intelligent robots.
Covid unearthed systematic and societal issues with low-skilled, low-wage workers that need to be addressed. In the meantime, businesses will need to look at ways to keep both labor and prices in check- after all, they are the job creators, and these workers on the sidelines will eventually have to pay their bills.