It is quite possible that you received an internet of things (IoT) device as a holiday gift, and it’s very likely that you will find this holiday gift useful. But it’s also possible you received an additional gift you have no use for at all: security vulnerabilities. This is the inconvenient truth about the average IoT device — like all technologies, it has flaws and it can add to your risk profile.
Whether you’re an individual concerned about someone hacking your home security system and eavesdropping on your private space or you’re part of an enterprise that could have all its sensors turned into a distributed denial-of-service (DDoS) support army, IoT security vulnerabilities are a fact of life, and we can expect to see more of them as more technological advancements emerge. One such advancement, 5G, is already hitting the streets and will fuel increased ubiquity of IoT devices.
How we manage IoT cybersecurity in the coming months and years will play an increasingly important role in how we manage all types of security risks.
The Same Problems, Just More of Them
What makes an IoT device vulnerable? There are a few issues that are specific to IoT devices, but in principle, they do not differ all that much from the issues we see in other devices we use regularly. In 2014, the Open Web Application Security Project (OWASP) started compiling a list of IoT vulnerabilities to help developers, manufacturers, enterprises and consumers make better decisions regarding IoT systems. Their 2018 about device received holiday
