The internet of things (IoT) is predicted to grow from 2 billion objects in 2006 to 200 billion by 2020, according to Intel. This equates to approximately 26 smart objects per person. While the IoT provides us with a growing array of benefits—from health care to home monitoring—its rapid expansion also makes securing all of our devices a challenge. As IoT grows, “the need for security and privacy becomes even more [dramatic],” says Jesse Clark, an online MBA student in UNC Kenan-Flagler’s [email protected] program. As the need for security and privacy grows so too will the need for cybersecurity education to help us balance the ability to enjoy its benefits with remaining safe and secure. This is especially true in the public sector, where a dearth of cybersecurity talent could have a significant impact.
IoT Security Risks
According to TechWorld, “The Internet of Things is about connecting internet-enabled devices that relay information back to us, to cloud-based applications and to each other (device to device). These ‘smart’ devices can be anything from mobile phones, fridges, washing machines to wearables, medical equipment or jet engines.” There’s a great deal of excitement about the level of convenience that connected living offers, but as Bernard Moon, co-founder and general partner at SparkLabs Global Ventures writes in a recent article for TechCrunch, “Most of the IoT space is relatively unsecured, so this is a high priority for private and public sector leaders. From Jeep hacks to baby monitors, people have been shown how unsecure connected devices really are.”
Since the IoT has such an expansive footprint, you may be more connected than you may think. For example, if you have an app on your phone that communicates with something else, an unsecure connection or unknown malware within the app could expose you to risk. In fact, even some apps used for the 2016 Olympics have been identified as unsafe by security experts. What’s more, if your agency allows you to bring your own device and use it at work—that risk could spread to your agency’s network.
Focus on Cybersecurity Education
In the face of such dynamics, cybersecurity education is needed at all levels in the public sector—for those who are less tech savvy and less aware of the risks—and to fill the technology ranks at government agencies. With the lure of better positions and perks, the private sector is creating a “brain drain” in the public sector when it comes to cybersecurity expertise. At a recent forum, Rodney Petersen, director of the National Initiative for Cybersecurity Education (NICE), highlighted how the demand for skilled workers is outpacing supply, and underlined the need for creativity and cybersecurity education: “Really, what NICE is trying to do is integrate and develop an ecosystem of cybersecurity education, training, and workforce development across the public and private sectors.”
In addition to this and other efforts, the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security lead National Cyber Security Awareness Month (NCSAM) each October. This initiative is designed to engage and educate private and public sector partners to help raise awareness about cybersecurity and provide tools to help improve online safety. Last year, an entire week was dedicated to security issues related to the IoT. As Michael Kaiser, executive director of NCSA noted, “The emerging world of IoT has the potential to be a transformational technology. To reap its many benefits, the world of IoT must be safe, secure and trusted. Individuals and businesses that adopt IoT should be sure they know how to keep the devices secure, understand what data is being collected and where its being stored, and how to take advantage of any available user controls for the device.”
With the IoT expanding so rapidly, it’s more important than ever to remember the message of NCSAM:
STOP. THINK. CONNECT.: take time to understand the risks of the Internet and how to spot a problem, think about how your online actions can impact your safety, and enjoy the Internet with greater confidence.