Report highlights cybersecurity implications of IoT for India – Technologist

While the ongoing election in India has yet to decide if Prime Minister Narendra Modi will remain in power, The Wall Street Journal reported on the Indian economy under his five-year premiership.

Under Modi, initiatives such as the Smart Cities Mission, Digital India, Startups in India and Make it India have been launched.

As Future IoT reported in January 2018, India is taking the well-trodden path to digital transformation with an eye on the prize: a US$1 trillion economy by 2022. Somewhere in this grand vision is the reality of 5 billion connected IoT ecosystem.

“Cybersecurity for Industry 4.0,”  a joint study conducted by The Associated Chambers of Commerce and Industry of India (ASSOCHAM) with global professional services firm Ernst & Young (EY) noted that the focus of governments and industries had indeed shifted to technologies like Internet of Things (IoT), artificial intelligence (AI), blockchain, robotics, and other advanced technologies.

The IoT phenomenon, for one, is one of the most disruptive technologies changing the way organizations function and carry out business, according to the report.

“Devices and sensors are used to collect data from everywhere – home, cars, office, manufacturing plant, hospital, etc. The data is collected and processed to automate responses or provide tools for decision making. IoT is aimed at increasing efficiency and productivity while conserving resources,” it said.

Under the government’s Smart Cities Mission, for example, 100 smart cities will be developed where  IoT will be used in the applications like smart parking, tele-care, intelligent transport system, citizen safety, smart urban lighting, smart grid, and water management, to name only a few.

As of January 2018, some 99 cities have already been selected to be upgraded as part of the initiative, which was launched in 2015 with a funding ₹98,000 crore (US$14 billion).

As expected, security implications will be enormous.

“Estimates have been made that internet-connected things will outnumber humans 4-to-16. Even if a few of these devices are not secured properly, cyber criminals will have easy access in to the IoT network and would be able to disrupt the services,” the report cited.

However, it also mentioned that to date, only 4% of organizations in the country are confident that they have fully considered the information security implications of their current strategy. Hence, the government and organizations needs to step in.

This echoes a similar survey conducted by security firm Trend Micro in April and May 218 that only 14 percent of respondents say they have a complete organizational awareness of IoT threats.

The report believes that the way forward for India is for governments and organizations to focus on a framework that provides an integrated approach to cybersecurity, including developing capabilities for threat detection and employing the use of AI to recognize patterns for smart monitoring of the IT infrastructure.

Another approach it offered is “security by design,” which means that security is built in from the beginning of software and hardware development.

California’s cybersecurity law, signed in September 2018, as well as the UK government’s ‘world first’ IoT Code of Practice, introduced in November 2018, both use this approach.

“The need for security by design has become crucial as tech companies continue to churn out a myriad of IoT objects for consumers and enterprises,” the ASSOCHAM-EY report affirmed.

“Cybersecurity should no longer be viewed as a function of information technology or information security alone. It needs to form an integral part of culture and strategy of the organization,” the report concluded.