With a minimum on 20 thousand million devices predicted to be connected to Internet by 2020, Internet of Things is here to stay. Although it has many undeniably positive effects, the related risks and threats are multiple and are evolving very quickly.
For this reason, ENISA (European Union Agency for Network and Information Security) and Europol have joined forces to address these security challenges along with members of the private sector, police and security sector, the Community Emergency Response Team (CSIRT), the general public and academia.
Internet of Things is a broad and diverse ecosystem in which devices and interconnected services gather, exchange and process data to dynamically adapt to a context. This means that our cameras, televisions, washers and heating systems are “intelligent” and create new opportunities for our way of working, interacting and communicating, and as devices react and adapt to us.
It is important to understand the need to secure these connected devices and develop and implement appropriate security measures to protect the Internet of Things from cybernetic threats. Apart from technical measures, the adoption of Internet of Things has created many legal and legislative challenges, which are new and have far-reaching and complex effects. To address such challenges, cooperation between different sectors and between different actors is essential.
The work of Europol, along with the determination of all pertinent international actors to ensure the numerous benefits of the Internet of Things can be fully appreciated, together address the security challenges and the fight against the illegal use of these devices, making cyberspace a safer place for all:
- The need for more cooperation and the participation of multiple interest groups to deal with inoperability, as well as security problems, especially with the emerging development of the 4.0 industry, autonomous vehicles and the arrival of 5G.
- How to ensure that the final device can become technically difficult and expensive to acquire, the focus must therefore be to secure the architecture and the underlying infrastructure, creating trust and security in different networks and domains.
- There is the need to create stronger incentives to address security problems related to the Internet of Things. This means achieving an optimal balance between opportunity and risk in a market in which scalability and time to market prevail, placing security as a differentiating commercial advantage.
- To efficiently and effectively investigate the criminal abuse of the Internet of Things, deterrence is another dimension which requires close cooperation between the application of the law, the CSIRT community, the security community and judicial authority.
- This creates an urgent need for the application of the law to develop the necessary technical skills and experience to successfully combat the fight against cybercrime related to the Internet of Things.
- These efforts must be complimented by increasing awareness of end-users of the security risks of devices.
- Taking advantage of initiatives and existing frameworks, a multidisciplinary focus is required to combine and complement actions at a legislative, regulating and political level, and the technical level to secure the ecosystem of the Internet of Things.