Some big players in security and the internet of things, including AT&T and Nokia, are joining forces to solve problems that they say make IoT vulnerable in many areas.
The IoT Cybersecurity Alliance, formed Wednesday, also includes IBM, Symantec, Palo Alto Networks, and mobile security company Trustonic. The group said it won’t set standards but will conduct research, educate consumers and businesses, and influence standards and policies.
As IoT technologies take shape, there’s a danger of new vulnerabilities being created in several areas. Consumer devices have been in the security spotlight thanks to incidents like the DDoS attacks last year that turned poorly secured set-top boxes and DVRs into botnets. But the potential weaknesses are much broader, spanning the network, cloud, and application layers, the new group said in a press release.
AT&T says over the past three years it has detected an increase of more than 3,000 percent in attackers scanning IoT devices for weaknesses. Enterprises aren’t confident their devices are secure, AT&T says.
“That combination of attacker interest and customer concern could damage or even derail the rosy future most vendors see for the Internet of Things,” Pund-IT analyst Charles King said in an email.
The Alliance vows to jointly research problems in all those areas and in major IoT use cases such as connected cars, health care, industrial IoT, and so-called smart cities.
The group’s goals and methods are similar to what the Industrial Internet Consortium has been doing since 2014. IIC, which includes AT&T and IBM, also aims to define best practices and influence IoT standards in several areas, including security. But it's focused specifically on industrial IoT.
Sign up for CIO Asia eNewsletters.