The new opportunities of IoT extend not just to those capitalizing on connections, but also to those reinventing themselves to provide solutions for the requirements of our hyper-connected New IP world.
Indeed, the world of the Internet of Things (IoT) opens up channels of communication that were never possible before -- billions of connected devices allow an unprecedented flow of data. But IoT also opens up new points of vulnerability that need to be secured, and presents new opportunities for those in the security business, like Symantec Corp. (Nasdaq: SYMC)
Symantec, which until recently has been primarily associated with its Norton antivirus PC protection, is now shifting its focus from antivirus protection to securing the billions of devices to be connected by IoT. In a recent press release, the company said that it already has over one billion devices secured, including "everything from televisions and cars to smart meters and critical infrastructure." With that many things under its protection already in 2015, it expects to be ready for the anticipated explosion of 25 billion connected devices by 2020.
The huge opportunity for securing IoT makes it possible for Symantec to position itself on the cutting edge of security. That's a positive turnaround for the company following its admission of shortcomings in 2014, as reported in the Wall Street Journal. In that article, Brian Dye, Symantec's senior vice president for information security, admitted that antivirus protection is only effective on 45% of cyberattacks, and Ted Schlein, who contributed to Symantec's original antivirus software, called it "necessary but insufficient."
Symantec's solution to this problem was not to give up but to build up, and it opted to do that in the cloud. As it announced in July 2014, "Security is moving to the cloud, resulting in reduced on-disk definition size and real-time access to the Symantec Global Intelligence Network."
That move makes sense for more efficient and accessible security solutions, which enable Symantec to take on the security needed for the myriad devices involved in IoT.
Facing the challenges
Alluding to the many vulnerabilities that have recently come to light in the connected car industry, Shankar Somasundaram, senior director of Internet of Things Security, Symantec, said in the company's press release (linked above) that IoT opens up a "new frontier" that demands new levels of security. To that end, Symantec is partnering with manufacturers in the automotive, industrial control and semiconductor industries, and healthcare and retail markets.
Among the partners is Texas Instruments (TI). TI's Director of Strategic Marketing for IoT, Gil Reiter, noted in that same press release, "To help customers secure cloud communications, TI currently embeds Symantec's root certificate in multiple IoT devices to digitally sign and authenticate Internet communication and firmware updates." He anticipated adding additional security features into the devices in the future as the partnership develops IoT roots of trust and device certificates, "to embed security at the hardware level."
That level of device security is still in the works, according to Symantec's vision of new technologies, such as an IoT portal for managing all IoT security from a single interface, and security analytics for proactively detecting anomalies that might indicate stealthy attacks on IoT networks. The security already in place is based on Symantec's Embedded Critical System Protection.
That system applies a number of "prevention policies" to secure the software built into IoT devices from zero-day attacks. It also gives manufacturers the option of embedding security into their products before bringing them to market or installing after market. Symantec also uses the cloud for signing-as-a-service for assurance that the IoT device is only running authorized code through its Code Signing Certificates and Secure App Services.
It's good to see that companies are working at achieving security for the connected devices already in use while scaling up solutions to apply for the explosive growth anticipated for the near future. Perhaps in the next few years we'll be seeing the IoT equivalent of McDonald's advertising with signs saying, "Over 6 billion secured."
— Ariella Brown, Freelance Contributor, special to The New IP