Looking at the two studies over a five-year period, it’s clear that there  are more companies not just
            thinking about the technology, but also planning to roll out IoT initiatives. These include more established
            uses cases for security and surveillance, distribution automation and advanced meter infrastructure. But
            it’s encouraging to see growing enthusiasm for other IoT applications designed for smart cities, including
            traffic management, smart parking, and electric vehicle charging.

            So, with the market maturing and a growing range of IoT solutions and devices available, organizations
            are becoming more ambitious and open to the idea of planning and deploying services and applications.
            Such projects, however, can remain challenging.

            Fewer security worries, but data privacy concerns grow

            Security remains a challenge for some organizations, but it’s becoming less of a concern five years’ on.
            Respondents ranking security as one of their ‘top three challenges when rolling out IoT’ fell from 58% in
            2017 to 24% in 2022.

            The number of respondents viewing it as a technical challenge also fell, from 65% in 2017 to 42% in
            2022, indicating fewer concerns, but still highlighting it as an issue. Organizations might be less worried
            about security, but it is still on their risk list.

            While security is seen as less challenging than it used to be, there are growing fears over data privacy.

            IoT projects like smart metering, streetlighting and smart city applications using hundreds and possibly
            thousands of devices and sensors, have the potential to generate huge amounts of data. Even if this
            information is secure, handling it responsibly represents a privacy risk. Managing large volumes of data
            is  technically  difficult,  especially  when  regulators  interpret  it  as  sensitive  personal  information.
            Organizations who mishandle or misuse it risk running into compliance issues.

            Data privacy regulation was ranked the second-highest political, economic, or social challenge for IoT
            adopters, with 36% placing it in their top three just behind the need to reprioritize spending due to Covid
            and ahead of budget cuts resulting from the pandemic.

            Fears over big data have jumped to 19% from 11% placing it in their top three IoT rollout challenges in
            the last five years, and one in four respondents citing regulatory concerns.


            This is no surprise given the focus on data protection in recent years. Since our first study, stricter privacy
            laws  have  put  pressure  on  organizations  to  protect  sensitive  data,  including  the  introduction  of  the
            General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and other privacy
            regulations.

            There’s evidence of a growing number of attacks targeted at IoT devices, applications, and services in
            recent years, leading to the launch of denial of service (DDoS) attacks. Mirai is perhaps the most well-
            known IoT attack. Dating back to October 2016, it took advantage of insecure IoT devices, such as CCTV
            and routers, to launch a massive DDoS attack. Astonishingly, it’s still used today by malware developers
            to attack vulnerable systems, from manufacturing to critical infrastructure.









            Cyber Defense eMagazine – September 2022 Edition                                                                                                                                                                                                         95
            Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.