Black Markets and Red Flags for IoT

MUMBAI, INDIA: Even as we are making projections and guesstimates on how soon and how big IoT will impact the world, there are security flags popping up.

By 2020, a black market exceeding $five billion can exist to sell fake sensor and video data for enabling criminal activity and protecting personal privacy. The nature of IoT solutions, how they are deployed, and the types of data they generate and consume are giving rise to new security and privacy implications that organizations must begin to address, as Gartner augurs. This is a rapidly escalating risk to the organization, bringing complexity unfamiliar to most IT and business leaders.

"The IoT has enormous potential to collect continuous data about our environment," said Ted Friedman, vice president and distinguished analyst at Gartner. "The integrity of this data will be important in making personal and business decisions, from medical diagnoses to environmental protection, from commands to modify actions of machinery to identification and authorization of physical access. A black market for fake or corrupted sensor and video data will mean that data can be compromised or substituted with inaccurate or deliberately manipulated data. This scenario will spur the growth of privacy products and services, resulting in an extensive public discussion regarding the future of privacy, the means to protect individual privacy, and the role of technology and government in privacy protection."

By 2020, addressing compromises in IoT security will have increased security costs to 20 percent of annual security budgets, from less than one percent in 2015. As use of IoT devices grows, however, the unique requirements of IoT architecture, design and implementation over multiple industry segments and scenarios will also grow. As a result, Gartner believes that the average security budget for IT, operational technology (OT) and IoT security requirements will respond to the growth of IoT devices across all business segments and scenarios, rising from less than one percent of annual security budgets in 2015 to 20 percent in 2020.

"Major cybersecurity vendors and service providers are already delivering roadmaps and architecture of IoT security, in anticipation of market opportunity," said Earl Perkins, research vice president at Gartner. "Small startups delivering niche IoT security in areas such as network segmentation, device-to-device authentication and simple data encryption are offering first-generation products and services, including cloud-based solutions where applicable. Large security vendors have already begun acquiring some of these IoT startups to support their early roadmaps and fill niches in their portfolios."