Get All Access for $5/mo

#WorldIoTDay: Cybersecurity: The Next Frontier While increasing awareness aiding digital disruption, hackers are also morphing their tactics and using complex algorithms and behaviour manipulation techniques

By Dr. Rishi Bhatnagar

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

Shutterstock

Bringing forth a critical dimension to IoT led businesses, cybersecurity is now imperative for security stakeholders to safeguard. In such an environment, it is important to step ahead with caution, insights and diligence to protect every aspect of an IoT deployment from all forms of attacks.

As IoT becomes more ubiquitous, data is turning into a more valuable commodity for the online hacker. Systems that contain cameras, microphones or personal data are usually highly vulnerable to being compromised. While individually this data may not be of importance to a hacker, collectively this data can fetch a tidy amount. For instance, a list of mobile phone numbers can be sold on the dark web, stolen hotel accounts or even a US credit card number with date of birth of an individual can be held captive in return of ransom.

By 2020 it is predicted that every individual worldwide will on an average have more than six connected devices. Wearable devices are essentially potential goldmines of information. Your phone for instance also enables unprotected access to apps including email, business and social media accounts, online banking and many more.

As hackers turn sophisticated, so should response and risk mitigation strategies. The first step towards protection is awareness. A layered security strategy that helps detect and isolate risks across the threat lifecycle will also help. From a suspicious email to a complex multi-stage DoS, most attacks can be traced to carelessness, recklessness or deviation from an established security measure. Thus, it is essential that all stakeholders agree to remain on alert always to thwart hackers at the initial stage itself. Individual users should try and avoid storing data of value on connected systems. These can instead be kept on devices or systems that don't connect to the net often.

Keeping Your Data and Business Secure

Securing your information and data access points is key to securing your connected world. Begin by keeping track of your connected devices. Each IoT device should be identified, profiled, added to an asset inventory, and monitored for their health and safety. Devices should also be prioritized based and a risk profile created based on vulnerability and amount of data stored.

If a device can work well without being connected for a period (such as wearables), then use it accordingly. Create offline backups for historical data in devices and purge them from the device and online sources. You should keep a hawk's eye on your data at all times. Data movement can reveal anomalous activity and possible intrusion before critical data is accessed or held hostage. Encrypt data using the strongest possible encryption and update data management protocols frequently to stress on the importance of data.

Review your online activities frequently to identify vulnerable activities and see how you can make them less prone to being compromised.

Guarding the Entry and Exit

A typical IoT installation comes with multiple endpoints each of which could serve as an entry point for an attack on the whole system. Protecting each point using layers of security and access restrictions is a must. Using honeypots is another option. A honeypot is a decoy set up to lure cyberattackers, and to detect, deflect or analyze attempts to gain unauthorized access to information systems. Honeypots are designed in a manner to purposely engage and deceive hackers while revealing malicious activities performed over the system. Multiple honeypots can be also be established on a network to form a honeynet. Honeypots are now becoming a common tactic to identify methods used by hackers to penetrate networks.

Vigilance With Diligence

The best strategy for defeating malicious attacks is eternal vigilance with diligence. Systems, employees, users, customers and every part of the system must be on a constant state of alert to detect and flag anomalous activity. Simple steps like providing multi-factor authentication and creating data back-ups can go a long way in protecting your business.

Dr. Rishi Bhatnagar

President of Aeris Communications India

News and Trends

"45% of All Ongoing Hydropower Projects in India are Ours": Patel Engineering

Patel Engineering reported a turnover of INR 4,400 crore in the last fiscal year, with a projected 10 per cent growth for the current year.

Marketing

5 Critical Mistakes to Avoid When Giving a Presentation

Are you tired of enduring dull presentations? Over the years, I have compiled a list of common presentation mistakes and how to avoid them. Here are my top five tips.

Business Process

How CEOs Can Take Control of Their Emails and Achieve Inbox Zero

Although there are many methodologies that leaders can use to manage their emails effectively, a consistent and thought-through process is the most effective way to systemize and respond to emails and is a step of stewardship for the effective leader.

Business News

Former Steve Jobs Intern Says This Is How He Would Have Approached AI

The former intern is now the CEO of AI and data company DataStax.

Growing a Business

Stop Chasing Subscribers — Start Making Money With These Newsletter Hacks

Here's how operators profit from newsletters by turning acquisition costs into revenue and leveraging one audience to build multiple assets.