Securing the Internet of Things

17 August 2016
Report type: Strategy Report
Author(s): Aapo Markkanen
Keywords: IoT security, cybersecurity, Root of Trust, TPM, TEE, Secure Element, HSM, cryptography, PKI, RSA, ECC, threat intelligence, analytics, anomaly detection, device management, firewall, fog computing, gateways, blockchain, distributed ledger, quantum computing, systems integration, virtualisation, hypervisor, RTOS
Companies: ARM, Atmel, Atos, Bastille, BlackBerry, CGI, Cisco, Citrix, Cryptosoft, Device Authority, Digi International, Ericsson, Gemalto, G&D, Groupe Bull, Guardtime, ID Quantique, Imagination Technologies, Inside Secure, Intel, Irdeto, Kaspersky Lab, Lockheed Martin, Lynx Software, Mocana, NTT Group, NTTi3, Palo Alto Networks, PrismTech, QNX, Rambus, Samsung, Splunk, Symantec, Sysgo, TCS, Thales e-Security, Tieto, Trusted Objects, Trustonic, Verimatrix, VMware, Webroot, Wind River
Number of Pages: 53

Security is widely understood as the single most serious challenge to the growth and the evolution of the Internet of Things, with fears that shortcomings in both security technologies and their implementation are paving the way for a plethora of inevitable privacy and safety risks. Due to the vastly diverse nature of the IoT, such risks can be exaggerated and understated at the same time.

At one end of the IoT spectrum, there are mission-critical industrial deployments in which a security failure could indeed have catastrophic consequences. At the opposite end, one can find various, typically consumer-facing IoT propositions where even the worst-case security scenario could lead to little more than temporary inconvenience. In between, there is a wide array of applications with less than straightforward security requirements, which warrant a careful analysis of the involved risks. What all the application types have in common is that any investment in security has to be in alignment with the underlying business case and application design, without jeopardising either.

In this Strategy Report, Machina Research presents a thorough overview of the current state of IoT security and related trends, spanning both the technical and business sides of the subject matter.

The first main section of the report sets the scene with an analytical framework for understanding IoT security as a technology and market concept, and where it fits in with the wider security landscape. It also categorises the main actors that usually are responsible for security attacks, and describes how IoT security differs from the normative, IT-centric enterprise infosecurity and cybersecurity.

It is followed by the second section, which provides commentary on various strategic-level premises that are worth highlighting as further considerations for enterprises that are implementing IoT security.  This is followed by the third section, which discusses the most important techniques for implementing security. Covered are the technology areas that Machina Research regards as the most instrumental for – but also the most challenged by – the growth of the Internet of Things.

The report’s fourth main section walks through some of the more emergent innovation areas that can be expected to prove transformative for the future of IoT security. In the meantime, the fifth section lists and profiles technology suppliers that have thus far been active players in the enablement of IoT security with their products or services. While this is by no means an all-encompassing tracker of who has been doing what, it serves nevertheless as a fairly comprehensive source for identifying which suppliers can be considered in this context more relevant than most of the competition.

As the sixth and the final section, the study presents Machina Research’s conclusions and recommendations.

Download PDF > Log in or subscribe to this Research Stream, please see our Advisory Service.
quick links >