Risk
6/18/2013
12:51 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Frost & Sullivan: Further Progress In M2M Toward Internet Of Things Requires A Focus On Security Risks

Strong focus on security necessary to drive continued M2M deployment in enterprises

LONDON, June 18, 2013 /PRNewswire/ -- In the next phase of M2M market development that is moving towards an Internet of Things (IoT) future, security requires a holistic approach. Huge increases are expected in the number of machines and objects that communicate with humans and other machines/objects, each processing real-time (or near real-time) data. In such an M2M world, security must become a core component of an enterprise's consideration when using M2M to achieve business objectives.

"Traditional M2M deployments have security solutions embedded within the network, with the integrity of the underlying communications network being boosted by existing network security solutions," explained Frost & Sullivan Senior Industry Analyst, ICT, Yiru Zhong. "M2M value chain participants - integrated chips manufacturers, SIM card vendors, manufacturers of M2M modules and communication-enabled devices as well as connectivity network providers - have always embedded security solutions within their own products. One of the common comments from these vendors when asked about enterprise adoption of more secure hardware in the lower levels of an M2M network is that current M2M deployments do not actually require a higher level of security. However, in future scenarios, security risks could be magnified or prevalent because of the way M2M applications will be delivered."

For example, such key ICT trends as cloud computing, increasing enterprise and personal mobility, and Big Data, will affect the way security risks materialise in a generic M2M architecture. While there is no doubt that enterprise reliance on machine data and resultant intelligence will increase - especially as technology tilts the cost-benefit equation through greater efficiency, productivity, and the potential for new revenue streams - security will be a key requirement by enterprises considering M2M deployments.

"In addition to the tremendous number of devices and objects that are going to be connected through communications networks, future M2M deployments will reach deeper into enterprise operations," observed Zhong. "Coupled with the development of IoT, this will mean that enterprise M2M deployments could potentially be connected to other systems to enable a true connected-society.

The potential application of Big Data in such a setting will demand a well-defined risk analysis policy in terms of data security, trust, and privacy."

Ericsson's prediction of 50 billion connected devices by 2020 that would create a truly "networked society," has seven years to go. ICT industry participants, as well as standardisation and international bodies, are already working towards a viable and sustainable ICT framework for M2M progression. These workgroups will have to incorporate both the needs of enterprises and behaviour of digital citizens in the next generation M2M and IoT scenarios. The outcomes will go a long way in helping ICT industry participants define future security considerations and propose solutions for the safe operation of a connected world.

"Since enhanced security will begin at the lower layers of M2M architecture, M2M modules manufacturers, connectivity providers, and application enablement platform firms will all play important roles in the creation of a market leading portfolios and building a strong ROI business case for enterprises to deploy M2M," summarised Ms Zhong.

If you are interested in more information on Security Challenges in #SmartCommunities, please send an e-mail to Joanna Lewandowska, Corporate Communications, at joanna.lewandowska@frost.com, with your full contact details.

Frost & Sullivan has also launched recently the next issue of its #Smart Communities Journal. You can view the content on Slide Share.

#SmartCommunities as a hashtag reflects Frost & Sullivan's belief that ICT is a key tool for communities - regardless of their characteristics - to serve citizens and organizations more efficiently and in a sustainable manner.

About Frost & Sullivan

Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today's market participants.

Our "Growth Partnership" supports clients by addressing these opportunities and incorporating two key elements driving visionary innovation: The Integrated Value Proposition and The Partnership Infrastructure.

-- The Integrated Value Proposition provides support to our clients

throughout all phases of their journey to visionary innovation

including: research, analysis, strategy, vision, innovation and

implementation.

-- The Partnership Infrastructure is entirely unique as it constructs the

foundation upon which visionary innovation becomes possible. This

includes our 360 degree research, comprehensive industry coverage,

career best practices as well as our global footprint of more than 40

offices.

For more than 50 years, we have been developing growth strategies for the global 1000, emerging businesses, the public sector and the investment community. Is your organisation prepared for the next profound wave of industry convergence, disruptive technologies, increasing competitive intensity, Mega Trends, breakthrough best practices, changing customer dynamics and emerging economies?

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5208
Published: 2014-12-22
BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbit...

CVE-2014-7286
Published: 2014-12-22
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors.

CVE-2014-8015
Published: 2014-12-22
The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400.

CVE-2014-8017
Published: 2014-12-22
The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673.

CVE-2014-8018
Published: 2014-12-22
Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCur19651, CSCur18555, CSCur1...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.