Risk
6/18/2013
12:51 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Frost & Sullivan: Further Progress In M2M Toward Internet Of Things Requires A Focus On Security Risks

Strong focus on security necessary to drive continued M2M deployment in enterprises

LONDON, June 18, 2013 /PRNewswire/ -- In the next phase of M2M market development that is moving towards an Internet of Things (IoT) future, security requires a holistic approach. Huge increases are expected in the number of machines and objects that communicate with humans and other machines/objects, each processing real-time (or near real-time) data. In such an M2M world, security must become a core component of an enterprise's consideration when using M2M to achieve business objectives.

"Traditional M2M deployments have security solutions embedded within the network, with the integrity of the underlying communications network being boosted by existing network security solutions," explained Frost & Sullivan Senior Industry Analyst, ICT, Yiru Zhong. "M2M value chain participants - integrated chips manufacturers, SIM card vendors, manufacturers of M2M modules and communication-enabled devices as well as connectivity network providers - have always embedded security solutions within their own products. One of the common comments from these vendors when asked about enterprise adoption of more secure hardware in the lower levels of an M2M network is that current M2M deployments do not actually require a higher level of security. However, in future scenarios, security risks could be magnified or prevalent because of the way M2M applications will be delivered."

For example, such key ICT trends as cloud computing, increasing enterprise and personal mobility, and Big Data, will affect the way security risks materialise in a generic M2M architecture. While there is no doubt that enterprise reliance on machine data and resultant intelligence will increase - especially as technology tilts the cost-benefit equation through greater efficiency, productivity, and the potential for new revenue streams - security will be a key requirement by enterprises considering M2M deployments.

"In addition to the tremendous number of devices and objects that are going to be connected through communications networks, future M2M deployments will reach deeper into enterprise operations," observed Zhong. "Coupled with the development of IoT, this will mean that enterprise M2M deployments could potentially be connected to other systems to enable a true connected-society.

The potential application of Big Data in such a setting will demand a well-defined risk analysis policy in terms of data security, trust, and privacy."

Ericsson's prediction of 50 billion connected devices by 2020 that would create a truly "networked society," has seven years to go. ICT industry participants, as well as standardisation and international bodies, are already working towards a viable and sustainable ICT framework for M2M progression. These workgroups will have to incorporate both the needs of enterprises and behaviour of digital citizens in the next generation M2M and IoT scenarios. The outcomes will go a long way in helping ICT industry participants define future security considerations and propose solutions for the safe operation of a connected world.

"Since enhanced security will begin at the lower layers of M2M architecture, M2M modules manufacturers, connectivity providers, and application enablement platform firms will all play important roles in the creation of a market leading portfolios and building a strong ROI business case for enterprises to deploy M2M," summarised Ms Zhong.

If you are interested in more information on Security Challenges in #SmartCommunities, please send an e-mail to Joanna Lewandowska, Corporate Communications, at joanna.lewandowska@frost.com, with your full contact details.

Frost & Sullivan has also launched recently the next issue of its #Smart Communities Journal. You can view the content on Slide Share.

#SmartCommunities as a hashtag reflects Frost & Sullivan's belief that ICT is a key tool for communities - regardless of their characteristics - to serve citizens and organizations more efficiently and in a sustainable manner.

About Frost & Sullivan

Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today's market participants.

Our "Growth Partnership" supports clients by addressing these opportunities and incorporating two key elements driving visionary innovation: The Integrated Value Proposition and The Partnership Infrastructure.

-- The Integrated Value Proposition provides support to our clients

throughout all phases of their journey to visionary innovation

including: research, analysis, strategy, vision, innovation and

implementation.

-- The Partnership Infrastructure is entirely unique as it constructs the

foundation upon which visionary innovation becomes possible. This

includes our 360 degree research, comprehensive industry coverage,

career best practices as well as our global footprint of more than 40

offices.

For more than 50 years, we have been developing growth strategies for the global 1000, emerging businesses, the public sector and the investment community. Is your organisation prepared for the next profound wave of industry convergence, disruptive technologies, increasing competitive intensity, Mega Trends, breakthrough best practices, changing customer dynamics and emerging economies?

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6335
Published: 2014-08-26
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and ...

CVE-2014-0480
Published: 2014-08-26
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL ...

CVE-2014-0481
Published: 2014-08-26
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a d...

CVE-2014-0482
Published: 2014-08-26
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors relate...

CVE-2014-0483
Published: 2014-08-26
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a to_field ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.