classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018


Turning cyber threat into cyber opportunity
September 2018, Transport (Industry), Integrated Solutions, IT infrastructure

The network of connected sensors, devices, and appliances commonly referred to as the Internet of Things (IoT) has completely changed the way business works. This is as true of the heavy hauling and freight industry as any other. At any moment, various players in the industry can get a sense of vehicle health, cargo safety, and whether or not any infrastructure is in need of repair.

As IoT technologies have become more ubiquitous, so have the threats from cybercriminals however. With more than 20-billion IoT devices expected to be online by 2020, there are more gaps for cybercriminals to take advantage of than ever before. That has massive potential consequences for heavy hauling. A cyber-attack at targeted points in a country or region’s network could leave it crippled, preventing people from receiving much-needed goods and services.

Maeson Maherry
Maeson Maherry

Fortunately, it doesn’t have to be that way. According to Etion Group chief digital officer Maeson Maherry, it’s possible for businesses to reap the benefits of IoT without placing themselves in a compromised security environment.

“Connected sensors can provide businesses with useful data that can be easily acted on,” Maherry says. “Sensors in trucks and cargo containers, for example, can tell you when to do preventative maintenance, helping avert potential disasters.”

For that to work, however, people have to be able to act on that data. “If I can send commands to vehicles and machines out in the field, which is what sensors are in the first place, can I do so in a way that makes my business more productive and efficient?

“So, for example, if a vehicle is telling me that it’ll need maintenance soon, do I have the power to schedule that maintenance so that the machine is down for as little time as possible?”

If that is the case, that ability comes with serious benefits, but in order to be able to reap them, you have to know that you can trust the information coming from the embedded sensors in your network. Here, he says, the question of who owns the IoT devices and sensors in a business environment becomes critical.

“I’ve got these devices and sensors in my business environment, do they belong to me, or do they belong to their manufacturer?”

Logically, he points out, ownership should always lie with the business owner because these devices are used to make decisions with potentially massive business impacts. “You have to make sure that you’ve got owner-controlled security in place. You’ve got to make sure that you can control these devices, and make sure it’s only your device that plugs into your network.”

Even if you own the security, he adds, you still have to know that you can trust the entire system. “You’ve got to be able to trust everything, from the sensors themselves, the way they’re communicating data, all the way through to the information systems that are processing that data and turning it into information for you, so that you can make your own deductions and send back commands.”

Here the fundamentals of security – authentication, encryption, and integrity – come in. When it comes to authentication, this allows you to know that a sensor sending you information belongs to you and that when you send information to a sensor it will act on it. A lot of the work around encryption, meanwhile, comes down to picking your battles.

“Is it something that I need to worry about other people seeing?,” Maherry asks. “If the devices are sending out private medical information then the answer is yes, but if they’re just sending the settings on a machine then the answer might be no.”

Finally, integrity entails doing everything you can to prevent your machines being tampered with. And that’s incredibly important. Integrity is going to be at “the next wave of cybersecurity threats, which will be a constant concern for us over the next decade or more”.

We’ve already seen what happens when those devices are tampered with. In August 2016, cybercriminals used IoT devices to execute one of the biggest DDoS attacks in history, bringing down some of the Internet’s biggest sites. It’s only a matter of time before someone tries to bring down a freight network.

Fortunately, says Maherry, such incidents are avoidable. “It’s possible to solve all these issues with the cryptography and technology that we have today, we just have to have the conversations to start with. The same is true with the devices: they’re going to need to be updated in the field, just like your computer or your phone get updated. You’ve got to make sure that there’s integrity in the code that’s running on these devices, even if it’s embedded.”

“The answers are definitely there,” says Maherry, “but if people are not thinking about the cybersecurity aspect and the ownership aspect, then you’re not going to get to the benefits of what IoT can really do on a large scale.”


  Share via Twitter   Share via LinkedIn      

Further reading:

  • Trust but continually verify
    November 2018, Technews Publishing, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions, IT infrastructure
    Hi-Tech Security Solutions looks at access and identity management and asks some industry players what ‘zero trust’ and ‘least privilege’ access means.
  • Physical/logical convergence
    November 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure
    The convergence between physical and logical (or cyber) security will be a game-changer because it will change the way we do everything, from planning to design and all the way to installation and maintenance.
  • Physical and logical convergence is a fact
    November 2018, This Week's Editor's Pick, Integrated Solutions, IT infrastructure
    Convergence, the next buzzword? A dated buzzword? Is convergence ­merely ­integration on steroids? What is convergence?
  • The expanding role of IT in access control
    November 2018, Technews Publishing, This Week's Editor's Pick, Access Control & Identity Management, IT infrastructure
    What role is IT playing in the world of physical access control and how far will its role expand in future?
  • Taking augmented identity to the world
    November 2018, Technews Publishing, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions
    Hi-Tech Security Solutions spoke to Gary Jones, VP Global Channel and Marketing biometric access and time solutions) at IDEMIA (formerly Morpho) about his career with the company and its new vision of Augmented Identity.
  • BIMS set to change identity ­management
    November 2018, Technews Publishing, Access Control & Identity Management, Integrated Solutions, IT infrastructure
    Local biometrics integrator, Ideco Biometric Security Solutions, has announced that its Biometric Identity Management System (BIMS) has been launched to market.
  • Tracking biometrics into a brave new digital world
    November 2018, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions
    The industry is increasingly transitioning from unimodal to more integrated multimodal biometric solutions for more accurate identity verification and faster real-time results.
  • Key components of access control
    November 2018, Paxton Access, Access Control & Identity Management, Integrated Solutions
    Dan Drayton speaks to Hi-Tech Security Solutions about what the key components in modern access control systems are.
  • IP is no stranger to access control
    November 2018, Technews Publishing, Access Control & Identity Management, Integrated Solutions, IT infrastructure
    Just as the surveillance market made the move to IP-based communications, the access control market is also moving to IP (or some say it already has).
  • Applying the SaaS model to access control
    November 2018, Technews Publishing, Access Control & Identity Management, Integrated Solutions
    The software-as-a-service model has proven transformative to many organisations, and even entire industries. The benefits it can offer are undeniable, but in the security sector which is risk-averse by necessity, we wanted to hear the views of some local experts in access control as a service (ACaaS) to find out what some of the pros and cons are.
  • Cloud-based access control
    November 2018, Technews Publishing, Access Control & Identity Management, Integrated Solutions
    Running your access control through a cloud service has made people nervous in the past, but today’s solutions are hard to beat.
  • Controlling access in the cloud
    November 2018, Technews Publishing, Access Control & Identity Management, Integrated Solutions
    In the access control arena, hosted or managed services have been around for a few years, and the adoption of cloud-based access control only continues to grow as companies become more and more open to the idea of relying on it to perform such a vital function within their business.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.