The Internet of Everything (IoE) represents a revolution in connectivity
that will fuel unprecedented economic growth and brings with it the potential
for enormous societal benefits. It is creating a “connectivity economy” that
brings together people, networks, and devices to generate greater efficiencies,
improved reliability, new capabilities, and richer experiences. The growth of IoE is happening at an
accelerated rate as evidenced by the explosive growth of networks, big data,
data analytics, cloud computing, and mobile applications and devices.
By some estimates, we can anticipate IoE to create between
$14 trillion and $15 trillion in economic growth over the next decade, with the
potential to increase corporate profits by nearly 21 percent in the same
period.
The rapid adoption, growth, and spread of IoE is
inevitable. But even as we see massive
growth in IoE, we must also acknowledge and work to mitigate the considerable
risk associated with these advances. Reliable
security and continued “public trust” in IoE are fundamental to the success of
the IoE revolution.
Some of the more perplexing risks include the exponential
growth of new attack vectors as more and more devices are plugged into the
network, presenting new vulnerabilities, and the ability to remotely cause
physical destruction - or death - through the Internet.
Public trust in security over the IoE infrastructure is
critical to the successful proliferation and adoption of new technologies. Would you climb aboard an autonomous vehicle
if you didn’t trust the security of the platform? Would you be comfortable with a fleet of
autonomous UAVs flying overhead if you thought their security could be
compromised? Would you sleep well at
night if you thought your home security system was hackable?
And what about SCADA systems that allow remote access and
control of critical infrastructure at power plants, factories, water treatment
facilities, and oil and gas pipelines? Let’s
not forget about systems that help manage airports, ports, and the space
station. Presently, the public generally
has trust in the security of our critical infrastructures, but with the advance
of IoE and the proliferation of devises with access to these systems, we must
work to insure that new risks are mitigated and public trust is maintained.
This raises interesting public policy questions related to
the proper of role of government in securing IoE. One major function of government is
leadership. Government leadership is
needed to convene stakeholders in a way that allows for the thoughtful creation
of standards and protocols to address security, resilience, and recovery. In the U.S., NIST has taken on that role by
administering the National Strategy for Trusted Identities in Cyberspace
(NSTIC). Going forward, government
leadership will be needed to establish or designate a standing body to monitor
and mitigate situations as they arise.
There are an infinite number of examples we can imagine where
IoE vulnerabilities could be exploited, and with the rapid proliferation of IoE
we must act soon to secure the platform or risk being overwhelmed by security
gaps. That’s why it is important to act
now, in collaboration between the public and private sectors, to put in place
the right security technologies, protocols, and public policy to protect the
integrity and defend the public’s trust in IoE.