Blog post -

Explosion in IoT reveals risk of massive black market

In a recent report Gartner predicts that by 2020 over 50% of new major business process and system will incorporate some element of the Internet of Things. From a security perspective this growth will be challenge from many perspectives.

An interesting prediction in the analysis is that in 2020 Gartner expects that there will be a black market that exceeds $5 billion in value and that this is used to sell fake sensor and video data for enabling either criminal activities or to protect personal integrity. The criminal activities include activities such as;

  • getting access to sensitive information about an organization or individual
  • tampering and/or exchanging data to gain advantages such as getting access to premises

Personal integrity will also be a prime subject since the amount of data that is collected can be highly intrusive for an individual so individuals and organizations will seek methods to obfuscate location, behavior and state as they do not want to share this data uncontrolled which will be a disadvantage for commercial and public sector organizations who wants to provide services to the possessor of the data, a scenario that is a great disadvantage to the algorithm economy that brings a great promise to improve the world.

So providing methods to trust between IoT elements is key in terms of protection of the data as well as providing authenticity and origin of the data. Luckily there are already standards in place such as OAuth and UMA or in development in groups like ACE to provide a trusted scalable framework.

Gartner also predicts a rise in spending on security for IoT where it today is a 1% of the overall security budget it expected to be around 20% in 2020.

Full report can be found here for Gartner subscribers http://www.gartner.com/document/3174718?ref=solrAll&refval=160212104&qid=3e6f6b347b08de2e11eae1fbe07165e5

/Per Hägerö, Business Unit Director

Topics

  • Data, Telecom, IT

Regions

  • England

Contacts

Related content

  • Six themes drive identity management in 2016

    For neXus, the leading global provider of security solutions and services, identity management will be one of the central issues in the context of IT security in 2016. The trends such as continuous flexibilization in the working environment, new forms of customer communication and the growing number of cyber-attacks are responsible for this.

  • neXus appoints new CFO

    Magnus Karlsson joins neXus as CFO on February 22, 2016, becoming a new member of the group management. Magnus succeeds Björn Johansson, who has decided to seek new challenges outside the group after nine years with neXus.

  • neXus supplies service card solutions to municipality of Ale

    Municipality of Ale has negotiated a solution for the production and administration of service cards for all its employees. The management of the municipality wanted all personnel to have secure identification that could also be used for secure login, and for access, print-on-demand etc.

  • The SCIM standards just grew up to become RFC's

    Integrity and simplicity for both users and IT-departments just took a huge step forward on the Internet. The SCIM specifications, System for Cross-Domain Identity Management, are now published as publications by the Internet Engineering Taskforce (IETF) as RFC7643 and RFC7644. At neXus we are super proud because we have been playing a key part of the specifications.

  • The Hacked Jeep is not alone

    A recent article in Wired shows how the threat is real and even though causing accidents might not be the prime target it points out that we need to take what we have learnt when opening up systems and API to the IoT world and not just care about remote access to IoT, its also about how different objects in the near perimeter act and are authorized to act.

  • Identity data capture and validation is key

    This week I had the pleasure of visiting NORSIS event IDentitet 2016 in Oslo. Very well structured the event started with presentations around the capturing and validation of identity data which is fundamental for the trust in eIDs (and of course other types of credentials).

  • Server Name Indication and Hybrid Access Gateway

    ​SNI is an extension to TLS that has been around for a while, since 2003, but is becoming more and more important as installations become multi tenant with customers from completely different organizations.

  • Identities without borders

    ​Imagine using your Swedish electronic signature for applying for a building permit for your summer home in Spain? It can soon turn into reality as the new EU regulation eIDAS is being introduced across Europe, enabling national electronic signatures to work across borders in the union.

  • Securing banking solutions

    ​How can neXus help securing banking solutions for authentication, verification and signatures for the next generation of banking services? Meeting and attracting new customers in a disruptive banking market thru new mobile channels is a big challenge!

Enter your email address to follow Nexus Group

When you choose to create a user account and follow a newsroom your personal data will be used by us and the owner of the newsroom, for you to receive news and updates according to your subscription settings.

To learn more about this, please read our Privacy Policy, which applies to our use of your personal data, and our Privacy Policy for Contacts, which applies to the use of your personal data by the owner of the newsroom you follow.

Please note that our Terms of Use apply to all use of our services.

You can withdraw your consent at any time by unsubscribing or deleting your account.
Check your inbox

Email sent to __email__. Click the link there to follow Nexus Group.

Okay