>> TWITTER @Cisco_IoT #IoTChat - TOPIC: IoT SECURITY

I do not normally get into online debates - but I joined this weeks #IotChat!

Every Wednesday @Cisco_Iot hosts an online discussion around specific IoT related topics where twitter users can answer a set of questions posted and open up discussion around such points. The topic for yesterday (3rd September) is a hot favourite right now - security within IoT. I joined in the discussion and was happy to see so many interested in this topic.

The discussion started at 9pm CET (11am PT, 2pm ET) and continued for just over an hour - while it isn't feasible to post every comment here, I figured it would be good to provide a list of question and discussion links on twitter directly which you can then dig around in.

• QUESTION 1 - answers and discussion available here
• QUESTION 2 - answers and discussion available here
• QUESTION 3 - answers and discussion available here
• QUESTION 4 - answers and discussion available here
• QUESTION 5 - answers and discussion available here
• QUESTION 6 - answers and discussion available here
• QUESTION 7 - answers and discussion available here
• QUESTION 8 - answers and discussion available here

twitter has a great little advanced search capability to let you search for a topic/keywords within a specific date range which makes summarizing this for everyone to view a much easier task (enjoy). But what exactly are the takes from this small online discussion?

@SecureRF highlighted very early on (correctly so) that security is not just encrypting data - while encryption plays an important role in security, topics such as authentication, integrity, confidentiality and non-repudiation all fall under the security bucket. It can all be managed with well thought out design and architectures put in place - "think" like a hacker.

It is clear that while there is a major concern with IoT security, the industry is a long way from really addressing the problem. Consortium groups are being established to set standards on how devices should talk to each other, or companies are offering "secure" cloud services - but as I have said in earlier posts, that's not enough.

There needs to be an industry wide focus to make security the most important aspect of IoT - not only from an implementation point of view, but also from a consumer awareness point of view; consumers are the ones that will suffer when their privacy is compromised or their appliances are high jacked for not-so-nice purposes.

No system is 100% fool proof, given the right amount of resources, motivation and skill - someone will find a way; all that is needed is to stay two steps ahead and be prepared for making changes to adapt as security needs change.