Industry-Led Security Approach Key to IoT’s Commercial Future

March 1, 2018

Ian Smith, IoT Security Director, GSMA
With broadening connectivity comes, unfortunately, greater potential for breaches of security.  As the IoT expands, bringing an ever-increasing array of previously standalone objects online, there are correspondingly more points of entry for hackers to target. The GSMA and its members take nothing more seriously than security; it is the prerequisite to everything else we do. Consumer and customer confidence is essential to the IoT’s ability to scale to its full potential – without the trust of those using services and products that they are safe while they do so, the demand simply will not be there to drive forward investment.

Thankfully, a great deal of work is going into achieving that trust, among some of the most effective security professionals on the planet. The mobile industry has an excellent record of providing secure, reliable services, earning operators the status they now enjoy as the established and trusted providers of secure IoT services.

Building on this work – and taking it forward to meet new challenges as the IoT scales – the GSMA has developed IoT Security Guidelines, a comprehensive set of best practice recommendations which provide a proven approach to end-to-end security.  Solutions can be checked for compliance with the Guidelines by way of the IoT Security Assessment, a straightforward and flexible framework which takes into account the immense diversity of the IoT market.

This was welcomed at our seminar yesterday on IoT Security – Creating a Connected and Secure Future, a special session bringing together some of the world’s leading authorities in cybersecurity. Delegates gathered to hear discussions among those at the forefront of securing the IoT, and consider the best approach to ensuring this in future.

“Transparency on security credibility is key – it’s all very well and good saying you’re secure, but you need to prove it,” warned Francisco Jose Ramirez Vicente, IoT Security Researcher at ElevenPaths.  “Furthermore, IoT is very diverse. Any assessment-based process has to fit with the diversity of the IoT, and the business models that IoT devices have to be accommodated.” The GSMA agrees entirely with this, and it has informed design of the guidelines and assessment at all stages, so that IoT companies of all shapes and sizes can be sure they are properly shielding their solutions from cyberattack, and safeguarding customer data.

To make this as effective as possible, cross-industry collaboration is essential. “IoT security has to follow a standardised approach – it should share some basic features across many different sectors,” explained Dr. Apostolos Malatras, Network and Information Security Expert at ENISA.  “We don’t work on our own, we work with different sectors and companies – ultimately, we’re here to help you help us to help you. Together we can boost the basic level of cyber hygiene from where it stands at present, and indeed we must.”

Top of the agenda were hopes of building a consensus on industry-led approaches to best practice. There was agreement throughout the room that – however well-intentioned – it is unlikely civic authorities will be able to develop such frameworks as effectively as those whose working lives are spent absorbed in IoT security. “When we say certification, what we really mean is conformance,” explained Katerina Megas, NIST’s Program Manager for IoT Cybersecurity. “Requirements should be built in the standards – and we take a broad view of what a standard is – but ultimately we believe this should be industry-lead, through a consensus method.” For this to work optimally, and avoid governments feeling they need to play a greater role, it is essential that events such as yesterday’s take place. “The first challenge is around business drivers – there’s not a single place where we can get all stakeholders together,” observed Ms Megas.

While there is much work to be done, the industry is well-placed to win the trust of consumers in the years ahead.  Carlos Carazo, Global CTO for IoT at Telefónica, pointed out that many of the industry’s core assets, like LTE networks and SIM cards, are highly secure by design. There is however no room for complacency, as was unanimously recognised by attendees. The live hack performed in the session focussed minds very well – if the industry is to reassure consumers of the safety of sensitive use cases like driverless cars, it will need to work at the top of its game over the next year. We at the GSMA are confident it will do precisely that.

Back

Opportunities and Use Cases for Distributed Ledger Technologies in IoT Since the launch of Bitcoin there has been widespread interest and activity in extending the application of distributed ledgers to other application areas. This has resulted in d...

Read more | See all Resources

Industrial IoT Feasibility Study: How Mobile IoT is Changing the Industrial Industry is embracing the Internet of Things (IoT). Large numbers of connected sensors are now being used to monitor the performance of complex physical machinery in real-time. A...

Read more | See all Resources

GSMA IoT Webinar Series 2018-19   Industry 4.0 – Optimising Industrial IoT with Mobile IoT   Wednesday, 24 October 2018 3pm GMT / 10am EDT Industry experts from mobile operators & key ecosys...

Read more | See all Resources

The Future of Farming: How Mobile IoT technologies can help agriculture fee With the world’s population likely to rise to about 10 billion by the middle of this century, agriculture will need to become more efficient. To properly feed a further two bil...

Read more | See all Resources

Mobile IoT Case Study: Ericsson Smart Industrial Factory Mobile IoT technologies are set to play a central role in the smart factories of the future. Telecommunication equipment manufacturer Ericsson is using the cost-effective and rel...

Read more | See all Resources

Drones Case Study: Search and Rescue Supported by Drones on a Cellular Netw Unmanned Aerial Vehicles (UAVs) are already in use for a multitude of applications. The regulatory framework is presently still being shaped, and there remains some scepticism ar...

Read more | See all Resources

Operators look Beyond Connectivity in the Age of IoT As the IoT expands and develops, operators are expanding their commercial horizons dramatically. Operators are now moving to meet demand beyond that for connectivity alone: there...

Read more | See all Industry News

Intelligent Connectivity: the Fusion of 5G, AI and IoT Intelligent connectivity is the combination of high-speed, low-latency 5G networks, cutting-edge artificial intelligence (AI) and the linking of billions of devices through the I...

Read more | See all Industry News

LTE-M to Provide Vital Boost to Bee Populations in Agriculture Honeybees are one of the great lynchpins of the ecosystems on which we rely.  While their role in keeping the natural world’s gears turning is frequently underestimated, or ov...

Read more | See all Industry News

Development Guide: LTE-M for Consumer Devices The GSMA Internet of Things (IoT) programme is an initiative to help mobile operators add value and accelerate the delivery of new connected devices and services in the IoT. This...

Read more | See all Industry News

Mobile IoT Connects China to the Future Showcase at MWC Shanghai highlights breadth of Mobile IoT deployments in China China is a global leader in harnessing the low power wide area connectivity delivered by Mobile IoT...

Read more | See all Industry News

New Roles in the Market for Operators as they Look Beyond Traditional Reven Andrew Parker, IoT Marketing Director, GSMA The role of network operators in the market is changing.  As the global infrastructure they support becomes more sophisticated – m...

Read more | See all Industry News

Webinar: How to successfully install and commission NB-IoT a September 27, 2018 This Webinar will be broadcast at September 27, 3pm BST / 10am EDT The availability of LTE network coverage in a customer location is not a true indication of a fully o...

Read more | See all Connected Living Events

European Drones Summit October 15, 2018 The European Drone Summit sets out to bring the up-and-coming drone sector together with industry. The aim of the conference is to define the demands placed on drone te...

Read more | See all Connected Living Events

Mobile IoT Workshop – Building LPWA e2e IoT Solutions October 15, 2018 Event Organisers:   The “Building LPWA e2e IoT Solutions” workshop is a unique opportunity for developers and innovators to discover the potential of Mobile Io...

Read more | See all Connected Living Events

GSMA IoT at IoT Solutions World Congress 2018 October 16, 2018 IoT Solutions World Congress welcomes more than 14,000 visitors from 120 countries around the world. This event is dedicated exclusively to joining IoT providers with i...

Read more | See all Connected Living Events

GSMA IoT at Europol-ENISA IoT Security Conference October 24, 2018 The 2nd Europol-ENISA IoT Security Conference focuses on the cybersecurity of the entire IoT ecosystem, enabling a broad discussion by bringing together experts from cy...

Read more | See all Connected Living Events

GSMA IoT Webinar Series: Industry 4.0 – Optimising Ind October 24, 2018 A total of 66 Mobile IoT networks, including LTE-M and NB-IoT, have been launched, enabling a fraction of the 25.2 billion IoT connections by 2025 per forecast by GSMA ...

Read more | See all Connected Living Events