Due to the nature of various IoT devices, like the need to be portable, designs can pose barriers to cybersecurity.
|Consideration||Device Constraint||Security Concern|
Many IoT devices require a long battery life, without access to a permanent power supply.
Power-efficient hardware may lack additional capabilities like ability to support encryption or hardware security mechanisms.
The consumer’s perceived value of a device greatly depends on the cost to purchase and implement the device. Market drivers often require that companies produce devices at a very low cost.
In meeting these price pressures, devices may have low processing power and constrained hardware space, offering limited support for security mechanisms.
The lifespan of devices vary greatly, some devices (like simple sensors) are short-lived, while others are meant to last for decades.
Over time, devices may become hardware-constrained and cannot be updated. Built in security mechanisms may be found vulnerable or deprecated, like old encryption suites.
The IoT is transformational, representing a market shift in the way IT services are offered and consumed, both for personal and business use. As this market emerges, several factors may present as considerations for implementing cybersecurity for IoT.
These considerations may include:
First to Market
In blooming market segments, developers push to be first or early to market. These developers within the IoT ecosystem must balance implementing proper security mechanisms, simultaneously facing pricing pressure and market forces to develop features, functionality, and commercially -viable products and services.
The low barrier to entry to the marketplace has led to a variety of products and services often using different hardware, software, APIs, third-party service providers, and patching mechanisms. This creates challenges as IoT adopters look for interoperability, standards, and best practices when implementing IoT technology.