AT&T, IBM, Nokia and Symantec form IoT security alliance
February 15, 2017
AT&T, IBM, Nokia, Palo Alto Networks, Symantec and Trustonic have formed the IoT Cybersecurity Alliance to help tackle IoT security problems.
The alliance combines security providers and IoT experts, and will research and raise awareness of ways to secure the IoT ecosystem.
As the number and kinds of connected devices multiply, so have the security risks. In the past three years, AT&T has seen a 3198 per cent increase in attackers scanning for vulnerabilities in IoT devices.
Business leaders recognise the potential threat IoT devices designed without security in mind might pose for their organisations. AT&T surveyed companies in 2016, and more than half said they were not confident in the security of their IoT devices.
"The explosive growth in the number of IoT devices is only expected to continue, therefore, so must the associated cyber-security protections," said Mo Katibeh, AT&T senior vice president. "Today's businesses are connecting devices ranging from robots on factory floors to pacemakers and refrigerators. Helping these organisations stay protected requires innovation across the whole IoT ecosystem to enable sustainable growth."
Alliance members believe the key to IoT security lies in protecting all devices at the endpoint, network, cloud and application layer, and using overarching threat analytics to study the overall ecosystem and designing products with a built-in, always-on security approach.
Alliance members want to advise users and educate the industry on the cyber-security measures needed to create a safer IoT ecosystem, foster collaboration and advance innovation with cyber-security and IoT thought leaders.
Specifically, goals of the alliance are to:
- Collaborate and research security challenges of IoT across verticals and use cases such as connected cars, industrial, smart cities and healthcare. The alliance will take use cases or business challenges in IoT cyber-security to dissect and advance security concerns and identify ways to implement security across the value chain.
- Dissect and solve IoT security problems at every critical layer of security. These include the endpoint, connectivity, cloud, and data and application layers. The alliance includes experts at each of these layers to help educate businesses and consumers on how to protect their connections.
- Make security easy to access across the ecosystem. Security needs to exist across the value chain. Users will benefit from IoT services and infrastructures that can withstand the ever-evolving threat landscape.
- Influence security standards and policies. Using each group member's leadership and expertise will raise awareness of cyber-security. It will engage regularly with policymakers and other organisations.
"Be it a connected car, pacemaker or coffee maker, every connected device is a potential new entry point for cyber attacks," said AT&T chief security officer Bill O'Hern. "Yet, each device requires very different security considerations. It's become essential for industry leaders and innovators like those in the founding members of this alliance to work together to help the industry find more holistic security approaches for the IoT."
The alliance brings together market leaders in device security, connectivity, data, cloud and applications. This combined effort hopes to create the opportunity for end-to-end IoT security to help businesses continue to grow and compete in the changing market.