Tag Archives: HVAC

5 Predictions for the IoT in 2017

The IoT continued its toddler-like growth and stumbles in 2016. Here are five trends to look for in 2017 as the IoT enters its adolescence and how to benefit from them.

1. Ecosystems begin to determine winners and losers

Previously these were nice in-the-future concerns; now they will really count. Filling out a whole product value proposition through partnerships has repeatedly proven its importance across B2B and enterprise software sectors. In the IoT, they will be even more critical.

As an example, the Industrial Internet Consortium (IIC) is driving the definition of platforms and test beds and should show results in 2017. In the meantime, expect some IoT companies to fail when they can’t gain traction.

If you’re developing IoT infrastructure or platforms, it’s time to get real, regarding building great partnerships, developer programs, tools, incentives and joint marketing programs. Without them, your platform may appear like an empty shopping mall.

If you’re a device manufacturer or application developer, it’s time to place your platform bets so you can focus your resources. If you’re implementing IoT-based systems, you’ve been through this before. Welcome to the next round of the industry’s favorite game, “choose your platform.” Make sure you also evaluate vendors based on their financial health, business models and customer service — not just technology. Learn more in Monetizing IoT: Show me the Money in the section “Ecosystems as the driver of value.”

See also: Insurance and the Internet of Things

2. Vendors get serious about experimenting with business models and monetization

This was a big theme at Gemalto’s recent LicensingLive conference and was further driven home by solution partners like Aria Systems. Tech won’t sell if it’s not packaged so that buyers want to buy. Look for innovation in business models and pricing, including subscription models, pay per use, recurring revenue, subsidization or replacement of hardware device revenues with service revenues, monetizing customer data and even pay-per-API call models. If you’re marketing whole solutions, be sure to avoid the “partial solution trap” as described in my article, The Internet of Things: Challenges and Opportunities.

3. Big Data gets “cloudier” (pun intended)

No doubt there will be a lot more data with billions of new connected devices. Not just text and numbers but also images, video and voice can all add significant monetization opportunities to different participants in the value chain. More devices mean more data, more potential uses and more cooks in the kitchen. This is a complex cluster of issues: Do not expect a resolution of ownership, privacy or value in 2017.

Instead, approach this by building a clear vision of what you want and don’t want with respect to data rights as you enter these discussions. And try to anticipate the genuine needs of your partners. Device manufacturers will likely have a going-in desire to own data produced by their devices; and apps developers, the data they handle; others may be okay with aggregated info. Buyers should make sure they understand what’s happening with their potentially sensitive data. We have already started to see partnerships and deals stall out over intense discussion on data ownership and rights.

4. You’ll need to prove your security, with privacy not far behind

2017 IoT systems are going to need to up their game. No one is going to stand for hacked doorlocks, video cameras or Mirai botnet/DDoS attacks via connected devices much longer. Similar events will come with very high price tags. So far, the IoT has dodged any major incidents with large losses suffered directly by end users.

We could see growth flatten if a major hack of thousands of end users occurs in 2017, especially if hardware devices are ruined or people get hurt. At that point, users will need to receive greater guarantees of security, privacy and integrity. This risk needs to be mitigated if the industry wants to avoid an “IoT winter.”

Vendors will need to invest more in security development and testing before deployment and offer assurances, possibly including insurance. Installers and integrators will need to ensure ecosystem integrity, and buyers will look for these guarantees. Just one flaw could be very expensive: Gartner believes that by 2018 20% of smart buildings will suffer digital vandalism through their HVAC, thermostats and even smart toilets.

5. Voice-powered, AI virtual assistants drive a next round of platform wars

Voice will become increasingly important to control IoT systems and computing infrastructure. Google Assistant, Apple Siri, Amazon Alexa, Microsoft Cortana and Samsung’s Viv Labs acquisition underscore the importance of these new AI-assisted voice interfaces. They’ll be used across multiple devices like phones, PCs, tablets, cars, home appliances and other machinery. By 2020, Gartner believes smart agents will facilitate 40% of mobile interactions. This is the beginning of a new round of platform battles that you need to recognize, internalize and prepare for.

See also: How the ‘Internet of Things’ Affects Strategic Planning

What do you think? Email me with your predictions, comments or war stories.

You can find the original article here.

Third Parties Pose Problems With Cyber

In today’s cyber world, business is done digitally. Trusted cyber relationships between partners must be formed to effectively conduct business and stay at the forefront of innovation and customer service. Having these trusted partnerships comes with a major drawback, however.

Look at it from this perspective: If your organization is the target of a malicious actor, yet they find your defenses too difficult to penetrate, the attacker can use a partner company to find a way in. Depending on the difficulty, the attackers could target multiple third parties in an attempt to gain access to your network.

The important factor to keep in mind here is that just because your organization may have top-notch security practices in place, it does not mean your partners do, and they can be targeted for their valuable insider access to your systems.

Related story: Third-party vendors are the weak links in cybersecurity

Third-party companies, no matter how trivial they may seem to your everyday operations, need to be thoroughly vetted. If they are given secure insider access as part of doing business with your organization, their systems must be reviewed and assessed for security vulnerabilities. The adage, “you’re only as strong as your weakest link,” could not be more true when it comes to third-party vulnerabilities.

Coming to grips with risk

Partners may think of themselves as unlikely targets, but even your HVAC vendor could be creating a gaping hole in your security network that malicious actors may use to gain access to your sensitive information.

For example, financial enterprises have extremely large networks of third-party vendors and partners, from payment processors and auditors to Internet providers and other financial institutions. Being able to map your third parties’ public Internet space and network presence allows you to identify indicators of compromise and risk that paint an accurate depiction of your partners’ potential attack surface.

When we think of potential targets for hacking, we naturally think of big companies or government agencies-organizations that have large volumes of critical and sensitive data. But because these organizations typically have the funds and resources to implement sophisticated security, they are usually not the weak link when it comes to an attack.

Because these organizations cannot be easily accessed, malicious actors adjust their attack strategies to use alternate paths to their desired goal-less secured partners with privileged access. Once a vulnerable company is compromised, its trusted access into other partners allows malicious actors to bypass security controls with exploits that didn’t work previously. Adversaries now are free to roam the connected partner networks, essentially undetected.

Dealing with the problem

The moral here is that insider threats don’t necessarily have to come from within an organization. Trusted third parties, once compromised, create significant security risks to sensitive data. Organizations must look beyond their own defensive perimeters and consider monitoring their partners to better understand their complete attack surface-especially large and complex organizations in which new services are frequently delivered on outward-facing infrastructures.

Understanding the complete attack surface not only provides the intelligence to prevent abuse, but it provides insight into how an attacker may view a path of attack. Additionally, gaining insight into third-party partners, vendors and suppliers is crucial in creating an informed and dynamic risk management program.

Most organizations are busy enough dealing with their own IT infrastructure, so double-checking the risks associated with their partners may not be at the top of their priority list. However, in today’s cyber threat landscape, if you don’t take into account the security posture of your partners, you will never be able to truly mitigate your risk and are leaving gaps in your defenses for anyone to access your critical information.

This article was written by Jason Lewis. Lewis is the chief collection and intelligence officer at LookingGlass. Lewis is a network analyst who has technology initiatives in the private and public sectors.