• KU-headshot_b

    By Ahmed Banafa, Kaplan University Faculty

    We can list the threats of Internet of Things (IoT) in three major categories: privacy, security and safety; these categories are interrelated as they deal with the same device and its connections. The significance of these threats can be understood as the IoT devices are poised to become more pervasive in our lives than mobile phones and will have access to the most sensitive personal data such as Social Security numbers, health information, and banking information.

    For example, a couple security concerns on a single device (such as a mobile phone) can quickly turn to 50 or 60 concerns when considering multiple IoT devices in an interconnected home or business. Considering what IoT devices can access, it’s important to understand their security, privacy, and safety risks.

    It’s important to remember that IoT is still an evolving “work in progress.” Many things are connected to the Internet now, and, as this article notes, “We will see an increase in this and the advent of contextual data sharing and autonomous machine actions based on that information.”

    The very definition of the IoT is the allocation of a virtual presence to a physical object—these virtual presences will begin to interact and exchange contextual information and the devices will make decisions based on this contextual device. This, in turn, has the potential to lead to very physical threats around national infrastructure, possessions (for example, cars and homes), environment, power, water and food supply, and more. For example, hacking into your house and turning lights off or on is not as serious as the lighting system of a tunnel in New York City or subway systems in Tokyo or the Bart System of the Bay Area of San Francisco. Recently a law firm filed a lawsuit against  three major automakers claiming that these companies failed to take measures to protect their vehicles from hackers.

    As more and more such devices enter the market—and our lives—IoT security is no longer a foggy future issue. From self-parking cars to home automation systems to wearable smart devices—just think of the Apple Watch, with an estimated forecast that 19 million will be sold in 2015.

    The growth in these connected devices is expected to spike over the next several years, according to numbers accumulated by Cisco Systems. What Cisco officials call the Internet of everything will generate $19 trillion in new revenues for businesses worldwide by 2020, and IDC analysts expect the IoT technology and services market to hit $8.9 trillion by the end of the decade.

    Interesting research conducted by HP showed a striking number of vulnerabilities per device ranging from Heartbleed to Distributed Denials of Service to weak passwords to cross-site script. 

    IoT’s Threats Are Real

    According to this article from CSO, experts say that IoT security threats are expansive and can present a good target for attacks such as industrial espionage. “Another major area of concern is privacy with the personal information that will potentially reside on networks, also a likely target for cybercriminals.”

    In addition, as more and more objects contribute to today’s interconnected environment, devices are prone to lose physical security, and “attackers could potentially intercept, read or change data . . . they could tamper with control systems and change functionality, all adding to the risk scenarios.”

    What Can We Do?

    Threats will continue to persist with IoT but there are certain ways to increase security of these environments using security tools like:

    • Data encryption
    • User authentication
    • Resilient coding
    • Standardized and tested APIs that react in a predictable manner

    Further, “software development organizations need to be better at writing code that is stable, resilient and trustworthy.” As systems interact with each other, it's becoming more essential for an agreed interoperability standard. Without a solid bottom-top structure we will create more threats with every device added to the IoT. What we need is a secure and safe IoT with privacy protected—it’s a tough trade off, but not impossible.

    Interested in this career? Check out Kaplan University's IT resources here.

    Ahmed Banafa is a full-time faculty member at Kaplan University. The views expressed in this article are solely those of the author and do not represent the view of Kaplan University.

    Back to Articles and Publications

  • Learn More About Our Cybersecurity Degree Programs

      • IT - BS in Cybersecurity Teaser

        Bachelor of Science in Cybersecurity

        Learn More
      • IT - MS in Cybersecurity Management Callout

        Master of Science in Cybersecurity Management

        Learn More

Request Information

  • (optional)
  • Step 1 of 2

Information Technology


  • Transfer Credit
  • Paying For School
  • Kaplan Commitment