Cyber security for IoT is changing with the exponential increase of connected devices worldwide, the combination of networks and increasing losses from cyberattacks. But there are significant steps toward progress, Sigmadots CEO Itzik Harpaz says
Cyber security is critical for Internet of Things (IoT) with billions of connected devices worldwide facing a growing threat from hackers using powerful systems, a senior executive said.
"In my perspective, IoT is one of the challenging domains for cyber security," said Itzik Harpaz, CEO of cyber security company Sigmadots.
The executive pointed out a number of challenges for boosting cyber security in IoT. Devices such as smart cameras and smart door locks, he said, use a very low-power CPU that can be overcome by hackers using much more powerful cloud-based systems. There are many points of attack but a single point of failure, namely the server or application. And there is no standard in communication protocol, so if there's even one point of failure, the entire service goes down, said the CEO.
Harpaz is a veteran of the IDF's elite 8200 unit with many years of experience in cyber and other domains.
Looking at 2020 and beyond, we now see that cyber security for IoT is changing, Harpaz said. "First, the amount of devices globally is increasing more and more. We're talking about 50 billion devices worldwide."
"Second, the networks, from the perspective of the operator, are starting to be combined. In 2020, 25 percent of attacks on the IoT domain will start at those weak IoT edge points that are not protected. Third, the increasing revenue loss and the money that operators and manufacturers are losing due to cyberattacks. In the UK in 2019 there were losses of 1 billion pounds due to cyberattacks on IoT."
But there are significant steps toward progress. Governments are moving forward with legislation and regulations and laws regarding the specific need for cyber security for IoT. There are already California laws requiring IoT manufacturers to provide cyber-secure solutions, he said.
Also, we are starting to see public awareness of the need and requirement for systems that are cyber secure. There is a lot of discussion on the hacking of devices such as door locks, and statistics show that before buying an alarm system, a lot of people ask for proof that the alarm is cyber secure, said the CEO.
According to Harpaz, his company looked for an IoT cyber security solution but couldn't find any, so it decided to develop one using a different approach as part of a paradigm shift that the company is aiming for aiming for.
"A sole IoT device cannot defend itself against an attacker. But if you can find a way that all of those devices can support each other in defensive efforts, then you have much better power in defense. This was the approach we implemented." The company took the philosophy of blockchain, which basically takes a similar approach in terms of payment, combined it with distributed computing and established a cyber security approach for IoT, he said.
The solution provides end-to-end encryption for the entire path of communication, so the data is protected. In addition, the solution is decentralized so the network protects all of the devices rather than each device protecting itself. The solution is also automatically secured, reducing the operational effort. And it has multilayered software, with the outer layer serving as a firewall and antivirus, according to Harpaz.