When it comes to the awareness of how the Internet of Things will impact their organizations’ security strategy, Philippine IT leaders rank highest among peers in major Southeast Asian countries, according to the findings of a survey conducted by Intel Security.
The survey examines Southeast Asian IT leaders’ outlook towards the Internet of Things (IoT) and its impact on the security strategy of the businesses. The survey was conducted in Singapore, Malaysia, Thailand, Indonesia and Philippines, and showcases widespread analysis from key players in IT organizations, from CEOs to developers to system administrators.
Of the countries surveyed, Thailand ranked lowest in its IoT security awareness with only 39 percent of IT leaders recognizing the need for enhancements to be made to their security controls to secure their IoT while Philippines ranked highest as the most aware at 53 percent. Singapore, the country with the highest mobile penetration globally, stood at 42 percent, while Malaysia and Indonesia stood at 46 percent and 40 percent respectively.
The survey findings may come across as surprising at a time when Southeast Asia is being considered the biggest penetration market for IoT devices globally. While the IoT market size in Asia Pacific is expected to grow to US$862 billion in 2020 according to IDC, Intel Security predicts that growing vulnerabilities arising from new technologies such as DDoS attacks and spammed devices will open up new possibilities to hackers and cybercriminals.
When asked about their preferred solutions to improve their organizations’ security levels against the backdrop of an IOT implementation, IT leaders from almost all countries agreed on advanced security technologies as being the most important. Other solutions preferred by all the countries include enforcing better employee security awareness, setting up IT steering committees and increasing security department staff.
While these various measures are highly paramount to any organization’s security architecture, Intel Security suggests the adoption of a holistic approach towards security that involves a combination of various technologies and user education.
IoT is set to be the next disruptive technology with the broadest economic impact globally, with the potential to be worth an estimated US$36 trillion in operating costs. While there are significant economic benefits to collecting and opening up data for sharing, there is also the danger of data being misused. In the light of massive data breaches and data thefts in recent years, substantial efforts are needed to secure IoT-related data across businesses.
While improved architecture is vital, the efficiency and effectiveness of organizations’ education programmes in ensuring their employees adhere to security policies is equally significant to ensure maximum safety.
Of the countries surveyed, almost all the IT leaders believed that better detection and analysis tools would be most relevant to ensuring security. IT leaders from Singapore, Malaysia and the Philippines believed more training around managing incidence response issues over multiple networks would also be useful, while those from Thailand and Indonesia believed more IT security staff would help.
Craig Nielsen, Managing Director, South East Asia, Intel Security said, “Security is an important aspect of IoT that needs to be addressed urgently. Intel Security predicts that these systems will reach substantial enough penetration levels that they will attract attackers. With the evolving threat landscape, security needs to cut across the entire IoT spectrum, whether it is protecting devices, putting in access control measures, writing security codes, or looking at security from a policy perspective.“
He added, “Effective static and dynamic analysis tools, along with cloud-based threat intelligence, are key to analysing files to gauge whether they are benign or malicious. Intel Security believes that technology vendors and vertical solution providers will need to work cohesively to establish user safety guidance and industry best practices, as well as build security controls into device architectures wherever appropriate.”
Recommendations from Intel Security
Intel Security says it is addressing security by providing long-term assured functionality and other core security capabilities for a vast array of current and future IoT use cases. To effectively secure these IP connected devices, security needs be part of the design and not an afterthought.,
According to Intel Security, organizations need to adopt a comprehensive IoT strategy that includes:
- A secure and holistic solution for information-rich environments across multiple environments and devices
- Assurance that devices are operating as intended by the manufacturer and have not been corrupted
- Life cycle security across the device, network, and data center
Support for industry standards and device interoperability - Ability to solve Information Technology/Cloud services challenges in connecting legacy and new systems to new and future services
- Technology to assure individual privacy
