comment on this article

Stinging reports show industry still failing to grasp the security nettle

Another week, another report highlighting the industry’s apparent inability to grasp the importance of security.

The latest report, from the UK’s Department of Culture, Media and Sport, urges companies making products for the IoT to build strong security measures into their designs and not to ‘bolt them on’ as an afterthought.

The report – part of the Government’s National Cyber Security Strategy – picks up on a projection that more than 400million smart devices could be deployed in UK homes within three years and that many of these could be exploited as part of a cyber attack.

The security flaws in consumer electronics products were highlighted by Which? in a ‘snapshot’ investigation. It set up a network of smart gadgets and found eight of the 15 appliances on the network had at least one security flaw.

We also reported last year on a survey which found that 65% of medical device makers believed an attack on one or more of the products built by or in use in their organisation was likely in the near future. Yet only 17% of respondents said they were taking ‘significant’ steps to prevent attacks.

Meanwhile, the Barr Group’s latest report determined that one in five embedded system developers don’t list security as a requirement in their latest project. Other failings included a lack of regular code reviews and no coding standards. No wonder the Barr Group found the results to be ‘highly concerning’ and that there was ‘a lot more work to do’.

The DCMS report, created in association with the National Cyber Security Centre, recommends all devices should have unique passwords, that companies should have a vulnerability policy, that data should be encrypted and software updated automatically.

You might think these measures would be ‘front and centre’, but they aren’t. Art Dahnert from Synopsys summed it up nicely: “Smaller companies often don’t have a clue about security or the resources to devote to it. And, to be honest, many larger companies are also behind the curve.”

It’s no wonder we’re all beginning to talk about the Internet of Insecure Things.

Author
Graham Pitcher

Comment on this article


This material is protected by MA Business copyright See Terms and Conditions. One-off usage is permitted but bulk copying is not. For multiple copies contact the sales team.

What you think about this article:


Add your comments

Name
 
Email
 
Comments
 

Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles

Fault detector

A tool that is able to spot defects or unwanted features much earlier in the ...

Definition in demand

Consumer interest in 4K continues to increase and by the end of 2018 4K TV ...

Managing your IPR

It’s essential that companies consider managing their intellectual property ...

Dual-Radio dev kit

By supporting concurrent communication over Bluetooth Low Energy (BLE) and ...

Smart Home Expo

The Smart Home Expo, which focuses on the future of smart technologies, ...

Get to market faster

A quick look at using Vicor's PFM and AIM in VIA packaging for your AC to Point ...

Semiconductor boom

Compared to an ailing steel industry, just a few years ago, the semiconductor ...

A racing certainty

AI has shaken the automotive industry to its core, inspiring a revolution. ...

Planning pays off

Described as a one-stop shop Plexus provides companies with engineering, ...

Piezoelectric haptics

Boréas Technologies’ CEO, Simon Chaput, talks to Neil Tyler about the company’s ...