The world is full of normal people like you and me, but I love to think that superheroes live between us and I dream that maybe someday I could become one of them and make a better world with my super powers.
In the universe of superheroes fit gods, mutants, humans with special skills, but also the special agents. I found fun to find similarities between this fantastic world and the world of IoT platforms. Compare and find a reasonable resemblance between IoT Platforms and Superheroes or Super villains is the goal of this article. Opinions as always are personal and subject to all kinds of comments and appreciations. Enjoy, the article.
About IoT Platforms
Many of my regular readers remember my article “It is an IoT Platform, stupid !.”. At that time, per Research and Markets, there were more than 260 IoT platforms, today some sources speak about 700 IoT platforms. I confess, I have not been able to follow the birth, evolution and in some cases death of all IoT platforms out there. I think that many enthusiasts like me also have given up keeping an updated list.
I cannot predict which IoT platforms will survive beyond 2020, or which will be the lucky start-ups that will be bought by big companies or will receive the investors' mana to become a Unicorn, but I like to speculate, and of course, I have my favourite winners and unlucky losers.
About my Own Methodology
Some reputed analysts have adapted their classification methodologies of IT solutions to put some order and consistency into the chaotic and confusing Internet of Things (IoT) platforms market. But given the moment of business excitement around the IoT, have appeared new analyst firms focused on IoT who also wanted to contribute their bit and at the same time make cash while this unsustainable situation lasts.
After reading numerous reports from various sources on this topic, talking to many IoT platform vendors and seeing endless product demos, I have decided to create my own methodology that includes a questionnaire of near 100 questions around different areas: technical, functional, business, strategy, and a scoring mechanism based on my knowledge and experience to make justified recommendations to my clients.
About Super Powers Methodology
But I also had defined an alternative Methodology based on Super Powers.
Super Heroes and Super Villains usually gain their abilities through several different sources, however these sources can be divided into four categories. The Super Powers methodology is based on these four categories of Power Sources.
- Mind Powers – Powers with notable mental abilities. Companies like IBM Watson IoI or GE Predix are notable examples.
- Body Powers – Powers that are gained from genetic mutation. Companies like Microsoft or Amazon mutate to IaaS / PaaS IoT platforms.
- Spirit Powers – Powers gained over time through extensive investment, and are easily obtainable by companies without the risk of horrible mutation or disfigurement. PTC Thingworx, Software AG/Cumulocity or Cisco-Jasper are examples.
- Artefact Powers – Powers gained abilities through ancient objects such as networks, or hardware. Incumbent Telcos M2M Platforms, Telco vendors like Huawei, Nokia or Ericsson, and Hardware vendors like Intel IoT platform, ARM Beetle or Samsung Artik are examples.
For each Power Source category, Super Powers are divided into different levels of power that depend on how strong, or unique, their abilities are.
- Level 0 - with useless, or minimal abilities.
- Level 1 - they are still particularly weak compared to the higher levels.
- Level 2 - have developed their powers to a certain point. About 75% of the platforms belong to this class,
- Level 3 - Mostly are most commonly amateur heroes or sly villains.
- Level 4 - Some of the most unique with a wider variety of powers.
- Level 5 - these fellows are seasoned veterans of their abilities, capable of using them without even needing to concentrate.
- Level 6 - Only a few beings are classified under this level, and their powers are that of being able to control multiple aspects of IoT reality.
Whatever the source of power was, I add Sandy Carter´s recommendation: If you want to become an Extreme Innovator you also need Super Intelligence, Super Speed and Super Synergy.
About Super Heroes and Super Villains
Previously in “Internet of Things: Angels & Demons” and “Internet of Things – Kings and Servants” , I identified some IoT Platform companies as potential superheroes. What was certain is that we knew who the supervillains were. Governments, organizations and business giants that try to control us, manipulate us and frighten us with their economic, political and military powers.
Deciding which superhero can help you more or what superpower is more important for your business is an extremely important milestone in your IoT Strategy.
I've defined the six types/categories of superheroes / IoT Platforms:
a)The superhero whose power is a birthright like Amazon AWS IoT (Superman) or GE Predix (Magneto/Professor Xavier).
b)The superhero whose power is the result of power acquisitions like PTC Thingworx (The Flash) or Cisco Jasper-Parstream (Spiderman) or Autodesk Fusion Connect (FireStorm).
c)The superhero whose power is made possible by technology like Oracle IoT (Iron Man) or SAP Leonardo(Green Lantern).
d)There is the superhero who doesn't have any superpowers but who is a superhero by extremely intensive training like Batman (Ayla Networks) or Black Widow (Exosite) or LogMeIn-Xively (Hawkeye)
e)The superhero who obtains his/her powers due to some supernatural event like Satya Nadella named new CEO for MSFT IoT Azure (Thor) or Telit DeviceWise (Dr. Manhattan) or Google acquisition of Nest (Hulk)
f)Finally, there is the superhero, usually a sentient android, who was created by a human like IBM Watson IoT (Vision) or a normal human playing with magic like Salesforce IoT Cloud Einstein (Dr Strange) or leader of a young team like Hitachi Data System(Most Excellent Superbat).
“Do you agree with my classification system for superheroes and superpowers?”
Although the number of superheroes and supervillains is enormous (more that the IoT Platforms Universe), it would take me a long time to assign each one of the IoT platform a single superhero or supervillain. Since I do not think many companies are willing to pay to know who represents them better, at least I have done a partial and fun exercise.
The Bottom Line
If you are an IoT Platform vendor, you could be doing yourself some questions right now:
- If I could be a Superhero what would it be?".
- Worth to acquire a Super Power or reach an upper level to convince customers I am their Superhero?
And remember …
“With power comes responsibility; with great power comes great responsibility”
Although the number of superheroes and supervillains is enormous (more than the IoT Platforms Universe), it would take me a long time to assign each one of the IoT platform a single superhero or supervillain. Since I do not think many companies are willing to pay to know who represents them better, at least I have done a partial and fun exercise.
Thanks for your Likes and Shares.
We have now entered an era with a new virtual revolution, particularly, the Internet of things (IoT). The virtual revolution marks the starting of information age. We use the Internet almost every day. The net has turned out to be one of established ways for us to work together, to share our lives with others, to shop, to teach, to research, and to learn. However the next wave of the Internet isn't about people. it's far about things, honestly?
All about IoT
IoT is defined as the network of physical objects that can be accessed through the Internet. These objects contain embedded various technology to interact with internal states or the external environment.
IoT is characterized as "the figuring frameworks of sensors and actuators associated by systems, where the processing frameworks can screen or deal with the status and actions of connected objects and machines, and the connected sensors can likewise screen the characteristic world, individuals, and creatures." The center of IoT is not just about interfacing things to the Internet. It is about how to generate and use the big data from the things to make new values for individuals, and about how we empower new trades of significant worth between them. In other words, when objects can sense and communicate, IoT has its knowledge to change how and where choices are made, and who makes them, and to pick up a superior esteem, solution or service.
Fundamental to the estimation of IoT is in actuality the Internet of smart things (smart IoT). Supported by intelligent optimization, smart IoT can increase productivity of work and enhance quality of lives for people. Let us take “cities” — the engines of global economic growth — as an example. Smart cities have the potential to dramatically improve the lives of everyone. In intelligent transportation systems (ITS), smart IoT can not only monitor the status of the transportation, but also optimize traffic signal controls to solve traffic congestion and provide the travelers with better routes and appropriate transportation information, etc. Combining IoT and machine learning (ML) can also make our roads safer. Profits by smart IoT have been shown also in health-care, logistics, environment, smart home, in the aspects of better quality, energy conservation, efficiency increase, and so on.
Smart IoT remains in its infancy now in terms of the technology development and the effect on our global economy system and our daily lives. Maximum IoT statistics aren't used presently within the era of big data. Maximum IoT has no intelligence inside the generation of artificial intelligence (AI). IoT which might be used these days are on the whole for anomaly detection and control, as opposed to optimization and prediction. Given the brilliant anticipated increase of the Internet over the following 10 years, it is considered one of vital challenges and possibilities for us to invent and practice in real-global programs on a way to make the IoT smarter to generate the greatest value.
A few weeks ago, when I returned from the MWC and I wrote about “The wandering souls Network”, I wondered if it would not have been better for my career if I had specialized in a very specific area instead of being a generalist. I think there are decisions in our life that in spite every of us can analyse many times, the final decision will be always the same, because each person is the way he is.
“I define myself today as “A Generalist specialized in Internet of Things (IoT)”
Although the rest of this article can possibly be applied to all White Collar professionals, I'm going to focus on how will affect your decision of being an IoT specialist or an IoT generalist in a futuristic world dominate maybe by Robots.
Defining IoT Generalist and IoT Specialist
Before start examining the pros and cons of becoming an IoT generalist or a IoT specialist in this competitive and unfair world, it’s important to understand the distinction of these two approaches and how they relate to our future career path.
The Merriam-Webster dictionary’s simple definition of a generalist states a generalist is “a person who knows something about a lot of subjects”. A specialist is defined as “a person who has special knowledge and skill relating to a particular job, area of study”.
An IoT Generalist is a professional that understand a bit of everything. The IoT Generalist can speak about new business models enabled by IoT, the value of ecosystems, all kind of networks connectivity, protocols, sensors, devices, Gateways, Architecture, Cloud Platforms, Edge Analytics or Predictive Maintenance. And of course, he must be up to date of standards and security. Such a professional should be able to present to C-Level but also to maintain an intelligent conversation with different technical people. A value added of an IoT Generalist is his/her social network reputation, industry expertise recognition and strategic relationship with IoT/IIOT vendors, Telcos, Analyst, System Integrators.
Being an IoT generalist also require a skill-set of project management, effective communication and good people skills.
Do you have anyone in mind?
An IoT Specialist is a professional that is a subject matter expert in at least one of the core IoT tracks. Since the IoT is very complex even though we try to simplify it with concepts such as IoT in a Box, an IoT Specialist should offer at least expertise in one of the following 6 distinct tracks:
- IoT Devices (IoT Hardware Engineer or IoT SW Embedded Engineer)
- IoT Connectivity (5G, LTE, NB-IOT, 3GLoRA, SigFox, WiFI, Bluetooth) (IoT Telco Engineer)
- IoT Platforms (IoT Architects)
- IoT Edge/Cloud Analytics (IoT Data Scientists)
- IoT Enterprise Integration (IoT Business Process)
- IoT Development and DevOps. Take a look “IoT Skills For Developers”
Do you have anyone in mind?
But possibly to survive the future era of robots, it may matter little to be an IoT Generalist or Specialist and you will need a mix of a (someone who starts out as a generalist, but also has in-depth knowledge over a particular area) or specializing-generalist (someone who is specialized in a particular field, but also has a broader understanding of other aspects of the business) as Lev Kaye, the founder and CEO of CredSpark, wrote.
Remember that moving between both extremes can be extremely difficult once a career path has been embarked upon, so the mix is always good to have. There is, of course, opportunity to move between general and special IoT roles. But the more experience a professional gain in one area or the other, the more difficult it becomes to make a transition, at least without suffering from a dramatic salary loss.
Advantages and Disadvantages of being an IoT Generalists vs an IoT Specialist
There are benefits and downsides to both career routes. In the following table I have included some upsides and downsides of becoming an IoT generalist versus becoming an IoT specialist.
“The good news is that IoT job market is likely going to require both”
Age does matter - Which path is right for you?
If you are at the start of your career, you are probably pondering which route you should take: IoT Generalist or IoT Specialist
When you start, selling yourself as an IoT generalist could be complicate to justify in a job interview, so will be better become a subject matter expert and then progressively move into a specializing-generalist
My Opinion: If you are under 30 you need to stay on top of your areas of IoT expertise and be willing to move when your expertise becomes a commodity or obsolete. This requires vigilance and the willingness to move with industry trends. You must be aware of disruptive trends in IoT technologies. Take into account that in the future, the IoT Specialists will be also under threat from software and robots.
But if you have already passed the barrier of 45 years and suddenly you want to use your background and experience to sell yourself as an IoT Generalist, remember that you have 6 months to demonstrate your added value (most of the time you will be required for selling) or you will be fired without any leniency.
My Opinion: As an IoT Generalist over 45 you will find harder and harder to get hired. You need to be creative and become at least in spirit an entrepreneur. You must continue creating your own brand and reputation and extending your network with key people in the industry. Opportunities for IoT Generalist will not be forever but they must fight project by project. It would not hurt to start specializing in any of the IoT tracks.
And Enterprise size matters too. What are you looking for?
Governments insist to sell us the importance of entrepreneurs for the well-being and sustainable development of countries and encourage us to create startups. Of course, there is no work for life except for Government employees. And it is known that the big multinationals are rewarded in stock market by the number of employees that are fired out each quarter.
Even so, startups are possibly the only way out for IoT Specialist under 25 or IoT Generalist over 45.
- · If you are an IoT Generalist over 45, find a job in IoT startups will be a chimera, except as Sales roles. Launching your own startup with other partners can be a better option.
- · If you are an IoT Specialist under 25 you can try to convince other colleagues to create a Startup and enter in the dynamic of find investors, win awards and pray for a stroke of luck. If you decide to work in an existing startup to get experience and you are not a Founder or Co-Founder, you must be prepared to be exploited, and then move to a Big company.
SMB (Small and Medium Enterprises)
IoT Generalists add value specially to medium to big international companies. Knowing the details about the complex ecosystem and can handle a vast array of technical concerns is becoming critical for SMBs. There is little need for IoT specialist as there are not enough technical needs in any one specific area to warrant a full-time staff member dedicating themselves to them.
This does not mean that if you are an IoT Specialist you should not try to work for a SMB. Other consideration like industry knowledge, proximity or quality of life will compensate the promises of more money and relevance in Big International companies.
- · IoT Generalist over 45 are typically more valued in smaller organizations. Small organizations typically cannot afford to hire a lot of IoT specialists. You will be more valued in smaller organizations who need their employees to wear a lot of hats. In a SMB the transition to a generalizing-specialist will be natural-
- · If you are an IoT Specialist under 25 and you do not pursue the fame of being a number in a Big international company, you can enjoy more in a SMB because you will have more probability to become more quickly a specializing-generalist.
Big International companies / Top IoT companies
Here we must separate into two types of companies: Top IoT companies including Big IT and OT vendors and End Customers.
There are many lists of Top IoT companies. Almost always these lists include the habitual suspects, and as usual they have notable absences and without forget that the ranks leave much to be desired. But at least such type of list provide the names of companies that either IoT Specialists of IoT Generalists should be searching for a job.
End Customer will need help from both IoT Generalist and IoT Specialist, the question is when and who are them?
- · The desire of an IoT Generalist over 45, that used to work on Big Companies, is return to a Top IoT Company or Big Enterprise. Although it would seem easy, it is by no means a road of roses. You must create your own strong personal brand and be a well-known and influencer of the industry.
- · If you are an IoT Specialist under 25 with experience in startups you will be hunted soon for one of IoT Top vendor. Do not let yourself be blinded by the name of the company, but the project and the future importance of IoT within it.
Looking beyond 2025, the begin of the era of robots
Not because I attend the MWC that specifically caused me to think back on the changes that will occur in the IoT job landscape, it was this conference in addition to the many other IoT events that I attended over the past years that make me think how IoT professionals will be living the strong gravitational rift as we approach to 2025 and beyond.
Unemployment is one of the main problems in today consumer owned society. The unemployment is especially cruel to young people in search of their first job. But also for those who have passed the barrier of 45 (IF $your age is >45 THEN "sorry you are overqualified”).
When I wrote “Your job will be in our special metal hands” I imagined a near future in which companies will use Recruitment Robots to search, identify, select and manage candidates and employees more efficiently. Although it is crucial you follow your heart and your passion when making the decision you should consider the requirements of future employers will be robots.
If today, what matters is knowing a little of everything in the Internet of Things, an IoT Generalist, cross-trained and energetic. Fast forward a few years, and the IoT profession will took a different turn. IoT Specialists must emerge, particularly in larger organizations. IoT Specialist should also be aware of the way IoT jobs will change. Several traditional IoT specialist jobs today will be facing the threat of automatization and will not have an easy time beyond 2025.
THE BOTTOM LINE
When deciding between IoT generalist and IoT specialist career paths, you need to carefully consider the type of person you are. Ultimately, the advantages and disadvantages of either path depend on your personality and drive. If you work hard towards achieving your career goals, you can do so as an IoT specialist and as an IoT generalist and remember you need to be passionate and your attitude will matter today and beyond 2025.
IoT Specialist or IoT Generalist? Choose your own destiny.
Thanks for your Comments and Likes
It was a matter of time to end up writing an article to talk about the connection between Internet of Things (IoT) and the technology (arguably still in the infancy of its development) that may have the greatest power to transform our world, Blockchain.
In a future planet interconnected not just by devices, but by the events taking place across it, with billions of devices talking to one another in real time, the Internet of Things will require a secure and efficient way to track all interactions, transactions, and activities of every “thing” in the network.
Blockchain’s role could be a coordination layer across devices and the enabler of the IoT to securely facilitate interactions and transactions between devices, and may also support certain processes related to architecture scalability, data sharing, and advancements in encryption and private key technology, enhanced security, and potentially even privacy.
With blockchain, the Achilles’ heel of the IoT of heterogeneous OEM devices world now becomes viable. I wonder however, if is feasible that this decentralized IoT network may co-exist IoT sub-networks or centralized cloud based IoT models.
But let's face it, blockchain is still a nascent and controversial technology (experts estimate that it might take 5 -10 years for the mainstream adoption of blockchain technologies). Therefore, we must consider that blockchain’s applications within the Internet of Things is still a matter of conjecture and trial, and that it will take more time to determine whether and how blockchain might be implemented to secure IoT ecosystems.
What is Blockchain?
Blockchain, the technology that constitutes the backbone of the famous bitcoin, is a database that maintains a continuously growing set of data records. It is distributed in nature, meaning that there is no master computer holding the entire chain. Rather, the participating nodes have a copy of the chain. It’s also ever-growing — data records are only added to the chain.
A blockchain consists of two types of elements:
- Transactions are the actions created by the participants in the system.
- Blocks record these transactions and make sure they are in the correct sequence and have not been tampered with. Blocks also record a time stamp when the transactions were added.
If you want to know more about blockchain you can read:
Fascinating opportunities ahead with IoT and Blockchain
The possibilities of IoT are virtually countless, especially when the power of IoT is combined with that of other technologies, such as machine learning. But some major hurdles will surface as billions of smart devices will want to interact among themselves and with their owners.
While these challenges cannot be met with the current models that are supporting IoT communications, tech firms and researchers are hoping to deal with them through blockchain.
Applying the blockchain concept to the world of IoT offers fascinating possibilities. Is yet to be seen if blockchain is bound to expedite the revolution, simply by being the backbone for most of the future IoT systems.
An example - Right from the time a product completes final assembly, it can be registered by the manufacturer into a universal blockchain representing its beginning of life. Once sold, a dealer or end customer can register it to a regional blockchain (a community, city or state). But, this is only the beginning for the blockchain and Internet of Things (IoT). A washing machine could become a semi-autonomous device capable of managing its own consumables supply. It can perform self-service and maintenance, and even negotiating with other peer devices.
Challenges of Blockchain and IoT ecosystems
The chaotic growth of IoT will introduce several challenges, including identifying, connecting, securing, and managing so many devices. It will be very challenging for the current infrastructure and architecture underlying the Internet and online services to support huge IoT ecosystems of the future.
Forrester analyst Martha Bennett in the report “Disentangle Hype From Reality: Blockchain’s Potential For IoT Solutions“ defines three categories of challenges that Internet of Things and blockchain ecosystems participants must address: Technology, Operational challenges and Legal and compliance issues.
According with the report, the result of multiple surveys indicates that what the IoT requires more than any technological or architectural advancement is trust: trust between stakeholders and the devices interacting with them, their customers, or on their behalf.
“As technology and commercial firms look for ways to deploy and secure Internet of Things technologies at scale, blockchain has emerged as a clear favorite for managing issues like identity and transaction security”
Blockchain, a strategic ally to Democratize the IoT
The big advantage of blockchain is that it’s public, so there is no single authority that can approve the transactions or set specific rules to have transactions accepted. Thus, the primary utility the blockchain is a censorship resistant way to exchange value without intermediaries.
Will blockchain disrupt the disrupters?. In my post “Is it possible to democratize the Internet of Things? How to avoid that a handful of companies can dominate the IoT” I already suggested the use of blockchain to avoid that data-hungry businesses and governments collect data on the behaviour of people and the performance of objects. Blockchain could avoid that Multinational and governments deepening tracking and control of citizen behaviour and attitudes.
Are IoT Business Models at risks with Blockchain?
IoT Service Providers hope not. There is a risk that the combo of blockchain and the sharing economy trashes some new IoT business models. Same way that, successful or not as successful platform, companies like Uber and Airbnb, are worried today.
Just think, the success of these and some other platform companies is largely due to people trading assets they own and are paid for, but from which new value could be derived, And they release this value by using platforms to match up sellers of the extra capacity – whatever it may be – with buyers. Further, they collect data about transactions “for further commercial gain”.
Indeed, arguably many of new IoT companies’ main line of business will be data, but, what if blockchain enabled buyers and sellers to work peer-to-peer and cut out the middleman/data aggregator and seller? In that case the secure connectivity could be king not the data.
A question for IoT Platform vendors, if we have a secure, foolproof decentralized system, why do I need your IoT Platform if I and all the communities I belong to can do it for ourselves, without anybody collecting, analyzing and selling data about me?
The convergence of Blockchain and the Internet of Things closer
In my post “Will we be able to build the Internet of Things?” I warned about the Babel tower of Alliance & Consortiums in the Internet of Things.
A blockchain technology industry consortium is emerging from the meeting, New Horizons: Blockchain x IoT Summit, with the objective of defining the scope and implementation of a smart contracts protocol layer across several major blockchain systems.
In December 2016, representatives from a group of industry-leading startups and innovative Fortune 500 companies met in Berkeley, CA to discuss the challenges facing blockchain and IoT innovation and the potential for a collective effort to address them. The meeting was the first step towards a collaborative effort to explore and build a shared blockchain-based Internet of Things protocol. Participants in the discussions included blockchain companies Ambisafe, BitSE, Chronicled, ConsenSys, Distributed, Filament, Hashed Health, Ledger, Skuchain, and Slock.it, along with Fortune 500 corporations BNY Mellon, Bosch, Cisco, Gemalto, and Foxconn.
Who is using Blockchain in IoT
The IoT and blockchain combination is already gaining momentum, and is being endorsed by both startups and tech giants. Several companies are already putting blockchain to use to power IoT networks.
Filament, a startup that provides IoT hardware and software for industrial applications such as agriculture, manufacturing, and oil and gas industries. Filament’s wireless sensors, called Taps, create low-power autonomous mesh networks that enable enterprise companies to manage physical mining operations or water flows over agricultural fields without relying on centralized cloud alternatives. Device identification and intercommunication is secured by a bitcoin blockchain that holds the unique identity of each participating node in the network.
Telstra, Australian telecommunication giant Telstra is another company leveraging blockchain technology to secure smart home IoT ecosystems. Cryptographic hashes of device firmware are stored on a private blockchain to minimize verification time and obtain real-time tamper resistance and tamper detection. Since most smart home devices are controlled through mobile apps, Telstra further expands the model and adds user biometric information to the blockchain hashes in order to tie in user identity and prevent compromised mobile devices from taking over the network. This way, the blockchain will be able to verify both the identity of IoT devices and the identity of the people interacting with those devices.
IBM, allows to extend (private) blockchain into cognitive Internet of Things. To illustrate the benefits of blockchain and Internet of Things convergence, IBM gives the example of complex trade lanes and logistics whereby smart contracts can follow (and via blockchain technology register), everything that has happened to individual items and packages. The benefits: audit trails, accountability, new forms of contracts and speed, to name a few.
IBM and Samsung introduced their proof-of-concept system, ADEPT, which uses blockchain to support next-generation IoT ecosystems that will generate hundreds of billions of transactions per day.
Onename are creating the infrastructure for blockchain based identities that can be used for humans and machines. This means the blockchain can act like a phone book that lets machines find each other.
Tierion is being used to collect data from industrial medical devices to build a verifiable record of their usage and maintenance history. Tierion is thrilled to be the first partner to join Philips' Blockchain Lab. Together they are exploring how blockchain technology can be used in healthcare.
ConsenSys working with Innogy (a subsidiary of German utility RWE) are exploring how to enable an energy marketplace fed by distributed solar and other electricity-generating devices, which are run using a decentralized power grid.
21.co, Microsoft, Slock.it, and others are working directly with adopters in manufacturing, supply chain management, energy and utilities, agriculture, and construction; distributed ledgers may further automate, secure, and drive new services for these industries.
Blockchain is not the unique silver bullet for IoT security
Given the importance that Security has to fulfil the promise of the Internet of Things (IoT), I wrote “Do not stop asking for security in IoT” although I did not talk about how blockchain can help secure the Internet of Things. Now with this post, I hope I have corrected that gap.
The existing security technologies will play a role in mitigating IoT risks but they are not enough. Cryptographic algorithms used by blockchain technologies could perhaps be a silver bullet needed by the IoT industry to create a more resilient ecosystem for devices to run on and to make consumer data more private. But blockchain should not be viewed as the unique silver bullet to all IoT security issues considering that today’s blockchain space is even more nascent than the IoT.
Manufacturers, legislators, IoT hardware and software vendors, IoT Service Providers, System Integrators, analyst, and end users, must be aware of the IoT security challenges and focus on increase security efforts to reduce the risk inherent to the fragmented Internet of Things so among all we can accelerate adoption.
In the long term, we should keep dreaming in a fully decentralized and secure IoT using a standardized secure communication model. We must trust this dream will be possible, if worldwide, engineering talent, startups, large companies, and governments increase the investment in time, energy, and money to innovate in solutions that address the IoT’s and blockchain’s shared problems.
It's 2017 and IoT continues to be a buzz. Appearing more frequently in almost every news articles regarding technology trends, digital transformation and the next "industrial revolution". However, behind the seemingly robust industry boom, rates of IoT adoption across Southeast Asia seems to be at a more conservative level.
Enterprises and organisations are cautious of adopting IoT for various reasons, and it is important for solution providers to understand these gaps in order to address enterprises' challenges and bring IoT to a wider reach.
Arguably the second-most popular buzzword, security issues have been the top concerns of any digital, connected projects out there. 2016 was a "year of hack" around the world, from the (alleged) hacking of the US elections, US $81 million stolen from Bangladesh Bank, and hacking of airports and banks in Vietnam. All these issues raise the concern of the security of enterprises putting up sensitive information about their business in the cloud, where IoT devices without basic security functions can be hacked within minutes.
Ensuring cyber security is crucial for businesses when they decide whether or not to migrate into the cloud and rely on technologies for operations and sensitive information.
Cost is another big concern for enterprise IoT adoption, especially in the Small and Medium Enterprises (SMEs) in Southeast Asia. Many of the IoT product offerings currently pose a challenge for SMEs to adopt, especially when the benefits are usually seen in the long run rather than short-term. This is especially apparent in emerging economies like Myanmar, where despite the high potential for enterprise ICT/IoT adoption, the high cost of digital products still poses a challenge to the local companies, prompting them to either seek foreign investments, collaborate, or find localised products that are more affordable - prompting local system integrators and distributors to be active in helping to grow the local markets.
This also prompts another important issue of having a strategic planning when it comes to digitisation and using IoT, in order to cut upfront costs while still benefiting from the new technologies.
3. Sustainable investments & developments
As the IoT buzz continues to ride the waves of publicity, especially from big names like Hewlett Packard Enterprise, IBM, Oracle, Microsoft and Google, enterprises should avoid jumping on the bandwagon without understanding the actual benefits and what IoT can bring to the table. A Bain & Company survey found that 59% of global companies believe they lack the capabilities to generate meaningful business insights from data, while another survey had 85% of respondents saying that they will require substantial investments to update their existing data platform - which can be costly and time-consuming.
Understanding the challenges that the businesses and enterprises face will be crucial for solution providers to offer not only products for the sake of having products, but also be able to offer their clients advice on strategies and plans of how to apply IoT successfully and strategically - depending on each company's needs and requirements.
Businesses in Southeast Asia comprise of many young, robust and innovative enterprises hoping to use technologies to differentiate, expand and produce with high efficiency and productivity. Addressing the pain points and challenges of technologies will allow solution providers and businesses to have better understandings of each other, and help the Southeast Asian IoT market reach new heights.
What is the top challenge that your company is facing with regards to technologies/IoT adoption? Let me know in the comments section.
If you are interested in learning more about Southeast Asia's enterprise IoT markets and connect with businesses across the region about your solutions, drop me a note at [email protected] Looking forward to speaking with you!
The IoT market has changed in many ways throughout the years, and since it’s a growing industry, there’s an estimated 32.6% CAGR increase in the next five years.
As an industry predicted to spend trillions in solutions, IoT’s trends need to be carefully observed and examined in order for implications and applications to be future-proofed.
How do you go about doing this? By simply analyzing how IoT is being used, as well as identifying which sectors are showing potential growth. Right now, a lot of focus is given to consumer applications such as Amazon’s dash buttons and smart home appliances. However, there are many opportunities in remote IoT. This covers industries like industrial, transportation, healthcare, etc.
One challenge that needs to be dealt with is how connectivity is approached right now. As more IoT and M2M devices would be deployed in rural areas and places with limited connectivity, applications and machines would need an improved infrastructure in order to carry out their purpose in areas with little connectivity.
Additionally, the increase of transportation and emergency-related applications would require not only ways to deals with low connectivity but also call for a system that can access multiple networks depending on availability and location.
Another challenge is how current devices will handle the developments in IoT and M2M technologies in the next five years. The 2G sunset is just one-way communication companies are affecting the industry.
Don’t fret, though, as there are several ways to resolve this and many opportunities left to explore to get ready for IoT’s evolution in the coming years.
Want to learn more about the possibilities remote IoT connectivity presents and how you can prepare for them? Check out the following infographic from Communications Solutions Company, Podsystem, and start future-proofing your IoT and M2M applications.
A few years ago, the idea of a “Telco in a Box” was very usual among the Telecommunication industry. Basically, it was a pre-integrated, turnkey real-time billing and customer care solution that enabled communications service providers (CSPs) to accelerate their growth strategies and increase profitability.
Companies like Accenture, Oracle, Redknee or Tech Mahindra used this concept addressed to Mobile Virtual Network Operators or MVNOs, Tier 3 Operators and Tier 1 sub brands. The benefits of this solution were clear:
- A low-risk, quick to launch turnkey solution
- Go to market faster than competitors
It was a matter of time that this marketing slogan reached the Internet of Things (IoT). And so it has been, at the moment with little noise, but it is certain that we will see much more "IoT in a Box" in the next months.
What is IoT in a Box and What's in the box
Today we could say that IoT in a Box is:
- A pre-configured, fully integrated, enterprise-enabled IoT bundle optimized for IoT processing (Telco view)
- All the required building blocks to develop a wireless IoT system (IoT Vendor view)
In the first case, the IoT in a Box must include some of the following components depending of the application:
- · Hardware / Hardware as a Service
- · 1 o more battery powered modules with sensors for monitoring for instance temperature, humidity, geo-location, movement, vibration, battery level or signal strength
- · 1 or more Relay switch or actuators
- · 1 GSM chip (SIM) per module with a data plan
- · IoT gateway
- · Software / Software as a Service
- · Device management
- · Enterprise database with storage plan
- · Security Connectivity
- · Pre-configured dashboards
- · Pre-configured thresholds and alerts
- · Mobile app
- · Services / Services as a Service
- · Professional Services (optional)
- · Support (basic included, premium optional)
When you receive your IoT in a Box. All you must do is:
- charge your modules
- place them on (or in) things,
- login to your own org to name your modules, and then
- turn on your modules. As soon as you activate a module, it starts to send sensor data, and you can start monitoring your things in near-time - online or using the mobile app.
“The concept behind a basic “IoT in a box” is that It takes you less than 1 hour to set up your own IoT system.”
In the second case, the IoT in a Box must include a Development Kit and all required building blocks to develop a wireless IoT system. We will see some examples later.
What if I want to expand the capabilities of my IoT application?
Although IoT in a Box is aimed at solving a simple business need, in certain scenarios or industries it may be necessary to extend the capabilities included in the Box. In this regard, vendors must provide accessories, expansion modules, I/Os and peripherals, Multi-standard connectivity options and additional Pre-configured dashboards and alerts depending of the industry and application.
Selling IoT in a Box
When I wrote Welcome to the first “Selling IoT” Master Class!, I did not emphasize in selling IoT to Small and Medium Business (SMB) and Consumer market. Precisely, the main objective that vendors pursue with the “IoT in a box” is increase sales in SMB market. This is a huge market and vendors need a way to escalate by channel partners, but as I do not consider myself an expert selling to SMB, so I look forward for your advices.
Is IoT in a Box already in the market?
Due to confidentiality agreements, I cannot include info from different vendors that will be selling IoT in a Box very soon. But we can find already some examples of IoT in a Box in the market. See below some of them based on public information.
T- Mobile IoT in a Box - With the T-Mobile IoT Box, you can realize your individual M2M application without great effort. Connect your devices and sensors and transfer the obtained data to a cloud system via mobile radio. A data interface provides processing and integration information to other systems, websites, or apps. The T-Mobile IoT Box consists of a developer board with an integrated M2M SIM card, several inputs / outputs and Bluetooth smart interface, an online portal and a RESTful API.
T-Mobile US – IoT promotion for device makers - Building on its movement into the internet of things (IoT) market, T-Mobile US announced a new IoT-specific pricing model as part of a promotion that includes a free Cat1 LTE module along with data services.
T-Mobile US, SVP Doug Chartier said: “The wireless industry needs simpler options for IoT to take off, and that’s exactly what we’re delivering.”
Telia M2M in a Box - M2M technology easy and affordable for any business. Telia M2M in a Box gives you a set of hardware with sensors providing you with real time information about position, movement and climate, which you can monitor directly in the web portal. A versatile and user-friendly measurement tool to observe, monitor and protect your business remotely.
Capgemini IoT-in-a-Box is a rapid, low-cost, low-risk, method to pilot IoT strategy to test and define business cases and provides a pre-configured, enterprise-ready IoT system for monitoring up to 25 devices. It simplifies the task of aligning integrating and configuring all IoT components to provide rapid time to value.
IBM - The Intelligent Building – IoT Starter Kit (Enterprise Edition) is an out–of-the-box IoT solution for Intelligent Buildings. The kit provides seamless integration of the EnOcean Smart Gateway with the Watson IoT Platform.
Relayr- Relayr -Industrial Grade Starter Kit for IoT Acceleration powered by relayr, Intel, Dell and Bosch.
Microsoft – Solair IoT in a Box was an IoT plug&play kit to connect things, sensors, machines to a gateway and then, in a few clicks, instantly visualize data on the Solair application. After acquisition of Solair probably Microsoft had discontinued this offer.
Bosch - Bosch IoT Starter kits that come with pre-configured XDK devices + cloud connectivity. It is as out of the box as it could be!
HPE - HPE Uncorks IoT In A Box - Called (at least by Hewlett Packard Enterprise) the ‘industry’s first converged systems for the IoT’, the Edgeline EL1000 and Edgeline EL4000 systems ‘integrate data capture, control, compute and storage to deliver heavy-duty analytics and insights at the edge to enable real-time decision making.’
Electric Imp - IoT QuickStart by Electric Imp - Electric Imp’s IoT QuickStart Family is designed to help you cut the time to build, test and prototype complex IoT solutions all while maintaining industrial-strength security, scalability and control. Based on reference designs that Electric Imp experts have developed over the past five years, the IoT QuickStart Family appliances represent the most frequently requested secure connectivity and device prototype solutions, each delivered in a fraction of the time and cost required by custom-built solutions.
Creator Ci40 IoT Developer Kit - The Creator Ci40 board is a high-performance, low-power microcomputer that packs a cXT200 chip based on a subsystem optimized by us specifically for IoT applications. The cXT200 SoC includes a dual-core, dual-threaded MIPS CPU clocked at 550 MHz and an Ensigma connectivity engine that covers super-fast 802.11ac 2×2 MIMO Wi-Fi and low-power Bluetooth/Bluetooth low energy (Classic and Smart). See also: Imagination Launches ‘IoT In A Box’ Kickstarter - and Build a home IoT irrigation system with 'IoT-in-a-box' kit .
Nextcloud Box – a private cloud and IoT solution for home users – from Nextcloud, Canonical and WDLabs. Nextcloud Box makes hosting a personal cloud simple and cost effective whilst maintaining a secure private environment that can be expanded with additional features via apps. The Nextcloud Box consists of a hard drive and a case, complemented by a Raspberry Pi 2 or a similar credit-card sized computer. The pre-configured, easy-to-use platform handles file storage and syncing, communication and more, requires no maintenance and enables users to install more functionality through apps like Spreed, OpenHab and Collabora Online. The box offers 1TB of storage at the price point of Eur 70. For information on where to buy please visit nextcloud.com/box.
WIKON – My M2M BOX – Our special expertise lies in the compliance with industrial standards for our product developments and the development of powerful embedded hardware and software. Special developments for explosion zones, adverse environmental conditions, IP-68 standards and extended temperature ranges are frequently in demand.
Mobica collaborates with Advantech to develop a complete IoT Solution - Mobica, a Silver member of Oracle Partner Network (OPN) and global provider of a leading-edge software engineering, testing and consultancy services, developed a solution which aggregates data from a variety of sensors and sends it to the Oracle Internet of Things Cloud Service for analysis and integration. Mobica used an Advantech UTX-3115 IoT gateway and a M2.COM based WISE-1520 Low-Power Wi-Fi IoT node for sensor input.
The ThingBox Project - Use Internet of Things technologies without any technical knowledge and for free.
Eight best IoT starter kits: The best internet of things developer kits –
Imagination Meluncurkan kit IoT –“IoT http://misteriotcom/2015/11/24/imagination-meluncurkan-kit-iot-iot-in-a-box/
There are many IoT Vendors who offer Devices, IoT platform, Apps and Services bundled with the same purpose of IoT in a Box, democratize the IoT.
IoT in a Box and IoT Marketplaces
As we know “IoT is not only about connecting things, neither controlling things”, it is about the Things become more intelligent and therefore companies could offer new services under new business models. I believe that IoT marketplaces will play a key role in the evolution of IoT in a box. We have already some examples:
Libelium, the IoT Marketplace is a one stop click-and-buy online store. The company is helping frustrated companies with pre-integrated solutions from choosing the right hardware, cloud components to application.
Telus IoT Marketplace – Connect the things that matter to your business by leveraging connected devices provided by their partner network.
ThingWorks Marketplace – gives easy access to everything you need to build and run your ThingWorx based IoT application. All components listed on the ThingWorx Marketplace are customized, tested and guaranteed to work with the ThingWorx platform.
Intel IoT marketplace – Coming soon.
“IoT in a Box solutions that encompass infrastructure, networking, analytics, service enablement and monetization to connect devices, expose data, services and processes to applications, consumers and machines will be the foundation for IoT marketplaces”.
IoT Service in a Box, the logical evolution of IoT in a Box
I believe that the logical evolution of IoT in a Box will be IoT Service in a Box sold through IoT marketplaces. It is a matter of time that we will see:
- · Predictive Maintenance in a Box as a Service
- · Loss Prevention in a Box as a Service
- · Asset Location in a Box as a Service
- · Predictive Intrusion in a Box as a Service
- · Vending Machine Product Recommendation in a Box as a Service
- · Real time micro-Inventory in a Box as a Service
- · Customer Emotion in a Box as a Service
- · …… Your imagination is the limit
Was this all available to us 20 years before? Ali Baba’s “Open Sesame” was a story of childhood, but Digital Transformation is reality – and from now on nothing will be same again.
What will this market bring us in the next few years? Are there reasons for optimism?
During the last three years, I have had the opportunity to discover, know and analyse more than 50 Spanish companies in the exciting sector of the Internet of Things (IoT).
Some of these companies are globally recognized as pioneers of IoT. Others less known but very innovative, with great talent in their ranks. All of them have been weathering the storm and far from being discouraged, because the reality is being tougher than all the hype announced by analysts, are more excited than ever before future expectations.
As I wrote in my post “5 PROVERBS TO SAVE MY STARTUP”, nobody is a prophet in their land, but even so, I can not resist providing a few tips that I believe can help us use IoT as an enabler that drives the ICT sector. Would not it be fantastic if we finally met our desire to have a strong, dynamic, competitive and innovative ICT sector in our society?
And the stark reality is: "Spain is not a technological country, it is a service country". I think that the lapidary expression of Miguel de Unamuno, that “they invent it”, also applies to the IoT. But it is one thing not to invent and another is to become sellers of products, solutions or services of multinationals by all known.
We must use our ingenuity, talent, creativity, and customer orientation to design and develop quality, easy-to-use global IoT solutions.
If we are good sellers of foreign products, the language should be the problem. Our objective market should not be our City, our Community or our Country, our market must be the world.
Focus, Focus and Focus
I have insisted on many forums that in Spain we can not do everything on IoT. For example, we can be leaders in Smart Cities, but we will have little chance of success in Connected Cars, we must fight to find a gap in Industry 4.0 (also known as Industrial Internet or IIOT) but I fear we will not be number 1 in Wearables, although we could be innovative in Health services.
We must analyse our strengths and weaknesses to recognize where our opportunities are and what our threats are. Let us be references in our focus areas.
We know that there is not a single company in the world that can do everything in IoT, much less leading the IoT, so it is obvious that our companies and Startups have no other choice than to create or be part of reliable ecosystems and Collaborative projects in the focus areas to meet the challenges posed by IoT projects.
We must design new sustainable business models with our local partners, it is time to trust if we want to survive in this competitive and fragmented sector until the magic 2020.
It's time to real collaboration, put a logo on our presentations and our website is absurd if there is something else behind.
Given the size of IoT Spanish companies it is not possible to do everything and get it right.
We must specialize, whether manufacturing specific hardware, developing software or offering services in our focus areas.
To succeed in IoT, Spanish companies must be able to offer global and scalable solutions. We will need startup talent to focus on companies of a larger size than without giving up innovation and agility, being able to cope with large national and international IoT projects.
Expect to be outsourced by other subcontractors of a company that works for an end customer is not acceptable if we really want to change. It is a pending subject of our business model not only in technology, it is a deep-seated problem of corporate culture.
We should be able to have at least one unicorn in IoT. And I'm not talking about Telefonica, Banco Santander, BBVA, Iberdrola, Inditex, ACS, Ferrovial or Indra, but a company that provides a new IoTaaS model based on our strengths (which all or almost all know) Services and HW / SW IoT products from Spanish manufacturers. That is, we must think about having our Uber, Airbnb or why not our Spanish Tesla.
We must look for concentration of companies in the focus areas to achieve the size that allows the scalability that the IoT business needs.
Invest in Education and Training
The IoT is complex, although many try to make it simple. We will need many types of profiles and not just theoretical knowledge.
It is vital at both, the private and public levels, that the Public Administrations and Companies dedicate funds to continuously educate students and train employees in the IoT technologies.
“Investing now in IoT training will be key to ensuring a sustainable future for our companies, our country and our professionals.”
This advice goes to both Enterprises and Public Administrations.
In the case of Enterprises, it would be highly desirable to lose for once the fear of being the first to implement technology solutions. You must consider IoT a key element in the digitization process of your company.
Public Administrations, stop using your budgets as always, and think about investing in a more sustainable, intelligent and connected citizen.
To conclude, pulling on the proverb I think:
"We have the wicker, so we must have confidence that we can make a great basket in IoT".
You can read the Spanish version here.
Thanks in advance for your Likes and Shares
Thoughts ? Comments ?
In the recent Cricket world cup, every team had its own team of Data Analysts. They used various technologies like Cloud Platform and visualizations to predict scores, player performance, player profiles and more. Around 40 years’ worth of Cricket World Cup data is being mined to produce insights that enhances the viewer's experience.
- What would be the most profitable food served at the concession stand?
- What would be the best prices to sell game day tickets?
- Determine which player on the team is the most productive?
- Which players in the draft will become all-stars, and which ones will be considered role players?
- Understand the fans behavior at the stadium via their app and push relevant information accordingly.
- Very small, targeted in scope and functionality
- Gives developers the freedom to independently develop and deploy services
- Loosely coupled & can communicate with other services on industry wide standards like HTTP and JSON
- API based connectivity
- Every service can be coded in different programming language
- Easily deployable and disposable makes releases possible even multiple times a day
- New Digital technology can be easily adopted for a service
- Allows to change services as required by business, without a massive cost
- Testing and releases easier for individual components
- Better fault tolerance and scale up
- Incur a cost of the testing at system integration level
- Need to configure monitoring and alerting and similar services for each microservice
- Service calls to one another, so tracing the path and debugging can be difficult
- Each service communicates through API/remote calls, which have more overhead
- Each service generates a log, so there is no central log monitoring.
Now is the time to move beyond just collecting, storing & managing the data to take rapid actions on the continuous streaming data – Real-Time!!
- Digital makes customer self-service easy.
- Digitally engaged customers trust their utilities.
- Customer care, provided through digital technology, offers utilities both cost-to-serve efficiencies and improved customer intimacy.
- Digital technology brings the capability to provide more accurate billing and payment processing, as well as faster response times for changing addresses and bills, removing and adding services, and many other functions
- Using Mobile as a primary customer engagement channel for tips and alerts
- Predictive maintenance with outage maps and real time alerts to service engineer helps reduce the downtime and costs
- Smart meters allows utilities organizations to inform their customers about the energy consumption, tailor products and services to their customers while achieving significant operational efficiencies at the same time
Transportation has become one of the most frequently highlighted areas where the internet of things can improve our lives. Specifically, a lot of people are excited about the IoT's potential to further the progress toward entire networks of self-driving cars. We hear a lot about the tech companies that are involved in building self-driving cars, but it's the IoT that will actually allow these vehicles to operate. In fact, CNET quoted one IoT expert just last year as saying that because of the expanding IoT, self-driving cars will rule the roads by 2030.
On a much smaller scale, there are also some niche applications of the IoT that are designed to fix specific problems on the road. For instance, many companies have looked to combat distracted driving by teenagers through IoT-related tools. As noted by PC World, one device called the Smartwheel monitors teens' driving activity by sensing when they're keeping both hands on the wheel. The device sounds an alert when a hand comes off the wheel and communicates to a companion app that compiles reports on driver performance. This is a subtle way in which the IoT helps young drivers develop better habits.
In a way, these examples cover both extremes of the effect the IoT is having on drivers. One is a futuristic idea that's being slowly implemented to alter the very nature of road transportation. The other is an application for individuals meant to make drivers safer one by one. But there are also some IoT-related tools that fall somewhere in the middle of the spectrum. One is an exciting new app that seeks to make the roads safer for the thousands of shipping fleet drivers operating on a daily basis.
At first this might sound like a niche category. However, the reality is that the innumerable companies and agencies relying shipping and transportation fleets have a ton of drivers to take care of. That means supervising vehicle performance, safety, and more for each and every one of them. That process comprises a significant portion of road activity, particularly in cities and on highways. These operations are able to be simplified and streamlined through Networkfleet Driver, which Verizon describes as a tool to help employees manage routes, maintenance, communication, and driving habits all in one place.
The app can communicate up-to-date routing changes or required stops, inform drivers of necessary vehicle repairs or upkeep, and handle communication from management. It can also make note of dangerous habits (like a tendency to speed or make frequent sudden stops), helping the driver to identify bad habits and helping managers to recommend safer performance. All of this is accomplished through various IoT sensors on vehicles interacting automatically with the app, and with systems that can be monitored by management.
The positive effect, while difficult to quantify, is substantial. Fleet drivers make up a significant portion of road activity, and through the use of the IoT we can make sure that the roads are safer for everyone.
Almost three years ago, I wrote in my IoT blog the posts “Are you prepared to answer M2M/IoT security questions of your customers ?. and “There is no consensus how best to implement security in IoT” given the importance that Security has to fulfil the promise of the Internet of Things (IoT).
And during this time I have been sharing my opinion about the key role of IoT Security with other international experts in articles “What is the danger of taking M2M communications to the Internet of Things?, and events (Cycon , IoT Global Innovation Forum 2016).
The Security has been always a tradeoff between cost and benefit
I am honest when I say that I do not known how McKinsey gets calculate the total impact that IoT will have on the world economy in 2025, even on one of the specific sectors, and if they had taking into account the challenge of the Security, but it hardly matters: “The opportunities generated by IoT far outweigh the risks”.
With increased IoT opportunity comes increased security risks and a flourishing IoT Security Market (According with Zion Research the IoT Security Market will growth to USD 464 million in 2020).
A decade of breaches and the biggest attack target yet is looming
We all know the negative impact that news about cyber-attacks has in the society and enterprises. In less than a decade and according to Data Source: ICS- CERT (US) have gone from 39 incidents in 2010 to 295 incidents in 2015.
In a survey published by ATT, the company has logged a 458% increase in vulnerability scans of IoT devices in the last 2 years.
It is a temptation for hackers to test their skills in connected objects, whether connected cars or smart homes appliances. But I'm afraid they will go far beyond attacking smart factories, or smart transportation infrastructure or smart grids.
With the millions of unprotected devices out there, the multitude of IoT networks, IoT Platforms, and developers with lack of security I am one more that believes the biggest attack target yet is looming.
With the Internet of Things, we should be prepared for new attacks and we must design new essential defences.
The complex IoT Security Threat Map from Beecham Research provides an overlayed summary of the full set of threat and vulnerability analyses that is used to help clients shape their strategies. This Threat Map “summary” many of the top 5 features from each of those analyses.
1. external threats and the top internal vulnerabilities of IoT applications
2. the needs for robust authentication & authorisation & confidentiality
3. the features and interactions between multiple networks used together in IoT;
4. the complexities of combining Service Sector optimised capabilities of differing Service Enablement Platforms;
5. the implementation and defences of edge device operating systems, chip integration and the associated Root of Trust.
The OWASP Internet of Things Project is designed to help manufacturers, developers, and consumers better understand the security issues associated with the Internet of Things, and to enable users in any context to make better security decisions when building, deploying, or assessing IoT technologies.
The project looks to define a structure for various IoT sub-projects such as Attack Surface Areas, Testing Guides and Top Vulnerabilities. Bellow the top IoT Vulnerabilities.
Subex white paper presenting their IoT solution add some real examples of these vulnerabilities.
Insecure Web Interface: To exploit this vulnerability, attacker uses weak credentials or captures plain text credentials to access web interface. The impact results in data loss, denial of service and can lead to complete device take over. An insecure web interface was exploited by hackers to compromise Asus routers in 2014 that were shipped with default admin user name and password.
Insufficient Authentication/Authorization: Exploitation of this vulnerability involves attacker brute forcing weak passwords or poorly protected credentials to access a particular interface. The impact from this kind of attack is usually denial of service and can also lead to compromise of device. This vulnerability was exploited by ethical hackers to access head unit of Jeep Cherokee2 via WiFi-connectivity. The WiFi password for Jeep Cherokee unit is generated automatically based upon the time when car and head unit is started up. By guessing the time and using brute force techniques, the hackers were able to gain access to head unit.
Insecure Network Services: Attacker uses vulnerable network services to attack the device itself or bounce attacks off the device. Attackers can then use the compromised devices to facilitate attacks on other devices. This vulnerability was exploited by hackers that used 900 CCTV cameras3 globally to DoS attack a cloud platform service.
Lack of Transport Encryption: A lack of transport encryption allows 3rd parties to view data transmitted over the network. The impact of this kind of attack can lead to compromise of device or user accounts depending upon the data exposed. This weakness was exhibited by Toy Talk’s server domain which was susceptible to POODLE attack. Toy Talk helps Hello Barbie doll4 to talk to a child by uploading the words of a child to server and provide appropriate response after processing it. Though there was no reported hack on this, such a vulnerability could easily lead to one.
Privacy Concerns: Hackers use different vectors to view and/or collect personal data which is not properly protected. The impact of this attack is collection of personal user data. This vulnerability was exemplified by the VTech hack5 wherein in hackers were able to steal personal data of parents as well as children using VTech’s tablet.
Who owns the problem?
With the IoT we are creating a very complicated supply chain with lots of stakeholders so it's not always clear 'who owns the problem'. By way of an example with a simple home application and not Super Installers around; if you buy a central heating system and controller which requires you to push a button to increase the temperature then if it stops working you contact the company who supplied it. But if you buy a central heating boiler from one company, a wireless temperature controller from another, download a mobile App from another and have a weather station from another supplier then whose job is it to make sure it's secure and reliable? The simple cop-out is to say 'the homeowner bought the bits and connected them together therefore it's their responsibility' – well I'm sorry but that isn't good enough!
Manufacturers can't simply divest themselves of responsibility simply because the home owner bought several component parts from different retailers. As a manufacturer you have a responsibility to ensure that your product is secure and reliable when used in any of the possible scenarios and use cases which means that manufacturers need to work together to ensure interoperability – we all own the problem!
This might come as a shock to some companies/industries but at some level even competitors have to work together to agree and implement architectures and connectivity that is secure and reliable. Standardization is a good example of this, if you look at the companies actively working together in ISO, ETSI, Bluetooth SIG etc. then they are often fierce competitors but they all recognize the need to work together to define common, secure and reliable platforms around which they can build interoperable products.
If Cybersecurity is already top of mind for many organizations, is justified the alarm of lack of security in IoT?
In this three last years of evangelization of IoT, it has been no event or article not collect questions or comments on IoT Security and Privacy.
The good news is that according with the ATT State of IoT Security survey 2015, 85% of global organizations are considering exploring or implementing an IoT strategy but the bad news is that only 10% are fully confident that their connected devices are secure.
Source: ATT State of IoT Security survey 2015
And if we consider the report of Auth0, it scares me that only 10% of developers believe that most IoT devices on the market right now have the necessary security in place.
In a publication from EY titled “Cybersecurity and the IoT”, the company define three Stages to classify the current status of organizations in the implementation of IoT Security.
Stage 1: Activate
Organizations need to have a solid foundation of cybersecurity. This comprises a comprehensive set of information security measures, which will provide basic (but not good) defense against cyber-attacks. At this stage, organizations establish their fundamentals — i.e., they “activate” their cybersecurity.
Stage 2: Adapt
Organizations change — whether for survival or for growth. Threats also change. Therefore, the foundation of information security measures must adapt to keep pace and match the changing business requirements and dynamics otherwise they will become less and less effective over time. At this stage, organizations work to keep their cybersecurity up-to-date; i.e., they “adapt” to changing requirements.
Stage 3: Anticipate
Organizations need to develop tactics to detect and detract potential cyber-attacks. They must know exactly what they need to protect their most valuable assets, and rehearse appropriate responses to likely attack/incident scenarios: this requires a mature cyber threat intelligence capability, a robust risk assessment methodology, an experienced incident response mechanism and an informed organization. At this stage, organizations are more confident about their ability to handle more predictable threats and unexpected attacks; i.e., they anticipate cyber-attacks.
What enterprises needs to do
If you are thinking only in the benefits of IoT without consider the Security as a key component in your strategy you will probably regret very soon. Here below some recommendations either before start your IoT journey or if you are already started. Hope is not too late for wise advices.
With the proliferation and variety of IoT Devices, IoT Networks, IoT Platforms, Clouds, and applications, during the next few years we will see new vulnerabilities and a variety of new attacks. The progress in the security technologies and processes that prevent them will be key for the adoption of IoT in enterprises and consumers.
In the future Internet of Things world an end to end security approach to protect physical and digital assets. The ecosystems of this fragmented market must understand the need of Security by Design and avoid the temptation to reduce cost at the expense of the security.
Do not stop asking for security when you buy a connected product or use an IoT Service, the temptation of time to market, competitive prices and the lack of resources must not be an excuse to offer secure IoT solutions to enterprises, consumers and citizens.
Thanks in advance for your Likes and Shares
Thoughts ? Comments ?
Note: this page contains paid content.
Please, subscribe to get an access.
Note: this page contains paid content.
Please, subscribe to get an access.
Nowadays, it’s easier than ever to power your home with clean energy, and yet, many Americans don’t know how to make the switch. Luckily, you don’t have to install expensive solar panels or switch utility companies…Continue
Without electrical engineers, everything from your home lighting to your smartphone wouldn’t work properly. Needless to say, electrical engineers make our world go round, and it’s them who spearhead the latest innovations in tech. If you’re…Continue
Nowadays, it’s easier than ever to power your home with clean energy, and yet, many Americans don’t know how to make the switch. Luckily, you don’t have to install expensive solar panels or switch utility companies…Continue