As countless IoT—Internet of Things—devices bearing complex new features and greater connectivity enter the vast IoT cosmos each day, dangers to the IoT threat landscape also rise in alarming proportion, as each device represents a portal through which malicious actors could potentially wreak havoc.
This is the world of threat mitigation, where providers of cybersecurity solutions battle new, ever-evolving perils seeking to infiltrate and destabilize the IoT ecosystem. Threat mitigation can take many forms, but the goal is the same: to deploy the solutions necessary to identify active threats and prevent them from breaking through, and to contain the threats and reduce damage if security has been breached. And because fresh threats emerge continually, perpetual vigilance—and new security solutions for defense—are constantly required for development and implementation.
These and other findings are in my new report, Threat Mitigation in IoT, which examines the threat landscape of the IoT technology ecosystem. The report also addresses the security response in threat mitigation, and the trajectory of threats discernible in trends across domain, technology, region, and vertical segmentation.
Defining the threat
The IoT market is driven by the relentless demand of end-users calling for IoT devices to sport more functionality and greater capability. Ironically, the installed base of IoT devices is the largest contributor to the IoT cybersecurity threat landscape, as every new device connected to the internet provides one more means for potential compromise. Nearly 40 billion installed IoT devices are expected by 2020, IHS Markit estimates, surging to more than 120 billion by 2030.
Meanwhile, hackers have not hesitated to seize upon opportunities presented by open or vulnerable devices. The most serious incursion occurred on October 21, 2016, in the form of the Mirai malware. Together with the subsequent botnets it created, Mirai caused the largest Distributed Denial of Service (DDoS) attack ever recorded, hitting high-profile services including Netflix, Reddit, and Twitter, and causing widespread havoc.
The costs associated with a compromised device can hit an organization on multiple fronts, and the expense to address security vulnerabilities in IoT devices, especially after they have been widely deployed, is often substantially greater than the cost of implementing security at the outset. Recognizing what this means, many manufacturers have responded by embedding security as deep into the development process as possible, hoping that data can then be protected as it goes through the entire information supply chain.
As security solutions of the past become inadequate in addressing the modern threats introduced by many newer devices, IHS Markit believes the monumental challenge to secure the expanding IoT will demand a concentrated and comprehensive effort from all contributing parties, extending throughout the entire information collection and transmission cycle.
Formulating a response
In the IoT cybersecurity market, threat mitigation solutions are defined as those including any products, services, and solutions designed to implement the necessary corrective methods to combat cyberattacks or to reduce various risks of a similar nature that may be present in an information system.
Anti-malware solutions are the primary threat mitigation solution. Malicious software, also known as malware, remains the greatest perceived threat to any information security system. In our North American Enterprise Survey of over 140 respondents, malware infections were both the primary incident encountered as well as the primary security concern among the survey participants. The ease with which malware can infiltrate and proliferate throughout organizations and their ancillary information systems remains a considerable concern.
Other examples of threat mitigation solutions and approaches include firewalls and their more comprehensive version known as next-generation firewalls (NGFW), united threat management (UTM), web application firewalls (WAF), intrusion detection and prevention systems (IDPS), DDoS mitigation, advanced threat protection (ATP), data loss prevention (DLP), penetration testing, and secure web gateway.
More detailed explanations of each solution or approach can be found in my report.
Trends and forecasts
Threat mitigation currently accounts for about 10%--one of the smaller sectors—of the IoT cybersecurity market. In third place, it is overshadowed by the need for IoT cybersecurity in the Operations and Management sector and in the Device Security sector. Even so, IHS Markit estimates that the compound annual growth rate (CAGR) of threat mitigation technologies will approach a robust 30% from this year until 2023.
The biggest market for threat mitigation is the commercial and industrial electronics sector. Given the sheer volume of IoT devices being placed inside industrial facilities to monitor and manage equipment, the attack surface within the industrial IoT landscape that could be targeted by hackers is enormous. Next in size for the threat mitigation market is the computer/enterprise sector, followed by the consumer sector.
The largest threat mitigation market is North America, with Silicon Valley in California also being a key producer of threat mitigation solutions given the area’s location as the headquarters of many cybersecurity companies. But while North America will lead for the foreseeable future, Asia Pacific will grow in importance as the threat mitigation market there expands annually in the years to come, as shown in the chart below.
One prominent proponent of threat mitigation is Japan, which has announced its intention to secure more than 200 million IoT devices operating in the country.
The Europe-Middle East-Africa (EMEA) market will keep expanding, especially with Israel’s continuing role as an incubator of innovative cybersecurity solutions. The only region where threat mitigation will remain flat is Central and Latin America (CALA), at present still a burgeoning IoT security market.
The list of vendors providing IoT threat mitigation solutions is a short one, with most of the market currently held by giant entities such as Microsoft, Dell, GE, and SAP. There are other threat mitigation vendors spread throughout all IoT security domains, including the likes of Symantec, McAfee, PAN, Cisco, and Trend Micro. The vendors in this latter group are serious IoT security solution providers as well, but they are overshadowed by Microsoft and the other revenue titans. Yet it is this same group of smaller revenue companies that lead in both threat research and technology development in IoT security. One possible path, then, that could benefit and accelerate the overall IoT threat mitigation field is for the giants to acquire a smaller player of compatible interest, the agility of the latter combining with the resources of the former to create new synergies and possibilities.
The real threat of physical harm
In a traditional information technology environment, a compromised network can result in loss of data or access to one’s own information. But while this could have disastrous consequences for a business, the cyberthreat is unlikely to cross into the physical realm and become materially dangerous or injurious. This is not the case with IoT security, where the ubiquitous nature of IoT devices makes it possible for threats to cross over from the digital world into the physical sphere.
In an industrial environment, for instance, infiltration of a plant’s manufacturing system could compromise the integrity of hardware components in moving machinery, causing tangible harm to property and personnel alike. The possibility of such a fearsome scenario is a prime reason why threat mitigation solutions are headed for growth in the industrial market.
Perhaps the physical risks associated with a compromised IoT device are the most serious in the medical field. With some hospitals having an average of 10 to 15 IoT devices per bed, the threat landscape to be managed is enormous, and a cyberattack that breaches a hospital’s systems could spell lethal consequences for patients. Like the industrial environment, the critical nature of medical systems and devices is also the reason why threat mitigation can expect growth in this field.
The Threat Mitigation in IoT Report – 2019, is offered in two research service areas, Enterprise & IT and Security Technology. In Enterprise & IT, the report is included in the two research categories of Enterprise IT Security and M2M, IoT & Connectivity. In Security Technology, the report is included in the research category of Cybersecurity & Digital ID.
Contact us for more details or if you wish to become a subscriber.