United States Cybersecurity Magazine

ProcessBolt
From the Fall 2014 Issue

Intel and the Internet of Things

Daren Dunkel
Chief of Staff | McAfee

The Internet of Things (IoT) will represent a tectonic shift in the way computing is done.  A megatrend if you will, that impacts high technology and society in general.  This is the consensus of two industry veterans with a combined 28 years of technology experience.

IoT was recently defined as “a concept in which electronic devices and everyday objects — such as refrigerators, thermostats, or light bulbs — are connected to the Internet and each other through a handful of methods such as Bluetooth and Wi-Fi.” (CNET)

Various industry statistics underscore significant growth trends:

  • A few months ago, Intel’s worldwide chief technology officer for security, Michael Fey, said, “Security needs to be built in as the foundation of the Internet of Things. Any disruption to these IP connected devices can cause damage to the business and our daily lives. We need to have foresight into what is coming so we can prevent against threats and securely manage these devices.”
  • According to International Data Corporation (IDC), by 2020 the entire Internet of Things market is expected to grow to $8.9 trillion. (IDC document #243661)
  • Gartner expects 26 billion connected things by 2020. (http://www.gartner.com/newsroom/id/2636073)
  • Right now, 70% of the most popular IoT devices on the market contain major vulnerabilities. (July 2014 HP study)

I interviewed Intel Security (formerly McAfee) executives Craig Parrish (VP of Inside Sales – the Americas) and Brian Kenyon (Chief Technical Strategist) in August 2014 for their views on the impact of IoT today and into the future.

1.Based on your industry experience and major trends you have seen throughout your careers, where does IoT stack up?

BK: I don’t think it really has a peer in the computer world; it’s more of a parallel to the industrial revolution.  Even the PC revolution wasn’t as big.  IoT will be part of everything we do moving forward.  An example is mass producing, when you think of widgets or anything on an assembly line, it costs an estimated additional 30 cents to add Bluetooth or some sort of connectivity to these devices.  Go walk through a Best Buy and try to find something that isn’t connected or doesn’t have an option (whether you want it or not) to be connected via Bluetooth or Wi-Fi.  It’s embedded in everything today.

CP: It has the potential to be the biggest trend I’ve seen in my career. When IoT devices start to infiltrate the medical field they could have the same impact as when technology infiltrated photography.  Think of how much that has progressed over the last ten years and how much easier it is to take and share a picture now.

2.What would you advise readers to be aware of over of the next 12-24 months?

BK: People have to start taking a proactive stance about their digital footprint.  We’ve long been taught how to be safe in a non-digital world. To avoid certain streets, don’t talk to strangers etc. The same thing has to be true in the digital world.  You have to be aware of who has access to your information. You are reachable now via numerous devices and in real time.  Starbucks has an app where location services on your phone will tip off if you are within a certain radius of one of their stores.  They send a push notification to your phone saying if you stop in right now you’ll get 15% off a coffee.  As data is fed more and more data points and essentially becomes “smarter” vendors will know what you like to order and how to gear more detailed promotions towards what you like.  The point is Starbucks has to know your location, that you are close to a store, and that you like certain products for their marketing to work.  A lot of people, without even realizing it, are connected via smart phones and now wearables to everything and everyone around them.   You have to be aware that we are in a proactive digital world.

CP: The two things you have to have with IoT are identity and trust.  All this data will be housed in clouds somewhere.  You have to be able to trust “you are who you say you are”, that the data is yours; you are really signing into these accounts and using these things.  For these two things to work you have to do it with security.

3.How crucial is security in the age of the IoT?

BK: Security is paramount.  Two things we have to do differently.  The way we architected security for the PC world won’t work here.  Nobody is going to go buy security for their smart watch or smart device after the fact. An example is the Apple store sells an Adidas soccer ball and it tells you how hard you kicked it, where it went, the velocity etc. and it all syncs to your iPhone.  If security isn’t baked into hardware it’s not going to be added on after the fact.  Nobody is going to go out of their way to secure a soccer ball.

The other side is “sensor data” feeding analytics or some sensor point in the cloud.  There is a security obligation to the data we are collecting as well.

CP: None of this works if it isn’t secure.  It all comes to a screeching halt if people don’t have trust. People developing these products aren’t generally security oriented.  Security needs to be built in at the onset.  That’s a shift that everyone has to understand.  In order for this to really work it has to be secure.  An example everyone has heard of is the Target breach.  Imagine that impact on a company that’s just starting up or doesn’t have the ability to rebound financially like Target can.  One breach and they are done; out of business and everyone in that company is out of a job.

In closing, the IoT offers incredible opportunities for business and society, as well as threats and vulnerabilities on a massive scale.  One key is the ability for the technology industry to engineer security into the fabric, or frontend of this new era of connectivity.  The IoT gives security the opportunity to truly be built in from the beginning and be part of the design process for the first time in the history of computing.  For all of this to work, it will have to be secure.

Leave a Comment