The Internet of Things (IoT) isn’t a distant vision of things to come. It’s here. Businesses are connecting devices, processes, and people to collect data that helps them make smarter decisions, take automation to new heights, improve the quality of products and services, and lower their costs. Cisco’s report Digital Business Transformation: Disrupt to Win projects there will be 50 billion connected devices by 2020, and estimates that 75 percent of businesses will be fully digital, or are planning to be, by that same year.
As you provide solutions and services that help your customers connect sensors, devices, and smart machines to their operations, there is one more thing you can’t forget: Security.
IoT Cyberattacks Are Already Happening
The number of cyberattacks continues to rise, and virtually all companies are connected to domains that host malicious files or services. Your clients may unknowingly be the victims of hackers right now. After all, more than 50 percent of cyberattacks take months or years to discover.
When you evaluate a customer’s network security, it would not be unusual to find a collection of point security products that the business added as they deployed new technologies. These often-non-integrated solutions can leave gaps that hackers can exploit.
A worst-case scenario would be connected devices that have no security at all. Security for smart assets such as freezers, cameras, HVAC systems, and even small, seemingly innocuous devices or sensors may have been overlooked when they were added to the network.
With businesses connecting more and more things to the Internet, hackers will seek out vulnerabilities they can use to their advantage. For example, the massive distributed denial of service (DDoS) attack on Dyn, a New Hampshire-based DNS provider, in October 2016 was traced back to 100,000 infected devices.
How to Turn the IoT Conversation to Security
As businesses move forward with their digital transformation strategies, security isn’t always top of mind. There are three questions you can ask to shed light on how prepared they are to protect their systems and their data, as well as how your services can be of value to them.
1. Is your existing network security strategy IoT-ready?
Help take stock of the customer’s network and the security they have in place. Be prepared to educate your prospect about Advanced Threat Protection and what a comprehensive security solution for a digital business must include: secure routing, firewall, email security, next-gen IP security, Web security, and secure access.
The ideal scenario is to move your customer to a converged model with minimal disparate point security products. This enables real-time information capture and provides a 360-degree view of internal and external security threats. The strategy should include the ability to integrate with third-party solutions that provide threat intelligence as well as the ability to quickly contain and remediate threats.
2. Is your in-house IT staff capable of handling IoT security?
IT security talent is hard to find. Expertise in Advanced Threat Protection, which is essential for IoT security, is particularly rare in today’s IT talent pool. In-house IT staff with extensive knowledge about which solutions are available from vendors that can address a business’ needs most efficiently and cost-effectively are also limited in number.
If your customer or prospect is struggling with in-house IT security expertise, this is an opening for you to explain the services and expertise you offer — which also would cost less than hiring a qualified security employee.
3. What will you do if everything just stops?
Your customer can only benefit from digital transformation if their business can operate. If the system is breached and infected by crippling malware or ransomware, how would the business recover? When mission-critical systems depend on connected systems and devices, downtime cannot be tolerated. The time it would take to recover from an attack could mean a loss your customer may never recover from. Taking every possible measure to prevent an attack that creates downtime is critical. Discuss a layered approach to Advanced Threat Protection that includes a next-generation firewall with advanced threat detection, antivirus, and intrusion prevention/intrusion detection.
Share What You Learn
As you investigate the possibilities IoT creates for your business, providing advanced security solutions is an opportunity that is hard to ignore. Educate yourself on how IoT networks work with other IT solutions such as cloud services and mobility to best integrate new security solutions, and educate your customers about what you discover.
You should also establish vendor partnerships that can help you support these solutions, as well as stay informed on the threat landscape and new technologies. When you share what you learn about IoT security, your customers will be more likely to understand how crucial it is to protect their growing networks and their businesses — and be willing to make a smart investment in you.