Security, privacy and trust have to be some of the most important issues that service providers are facing right now – the topics are certainly hot at the moment and dominated the keynotes once again at Mobile World Congress. The statistics that Brian Krzanich, CEO, Intel Corporation, gave are not only mind-blowing but also alarming. Krzanich estimated that in 2015:
- 80 percent of all enterprises will suffer a security breach
- With the average cost to a company being $11.6 million
- It will also take on average 31 days for the enterprise to fix things after the breach
- The annual cost of security breaches will be $400 billion
Security breaches are becoming harder to control as the attack surface has increased significantly, and it is only going to get larger with the development and deployment of IoT services and connected devices. Smartphones are seeing a 27 percent growth year-on-year, whilst mobile transactions are seeing an annual growth of 35 percent. With an estimated 50 billion connected devices by 2020, it is imperative that security issues are dealt with quickly and efficiently, and moreover that the network becomes much more secure, especially across the Internet of Things ecosystem.
The move from cost to safety
We often consider the cost of security and identity breaches as the major driver behind securing the network. However, IoT is going to be the game-changer and it will become less and less about cost and more about safety. The implications of a security breach become rather frightening in a connected world. Let’s consider the example of the driverless connected car. Hackers could potentially turn off the brakes or steering, change the navigation or shut down the car completely on the motorway. The impacts of security breaches now become quite dangerous.
Security at the center of the connected ecosystem
It became very clear that a new approach is needed to the way in which security threats are dealt with. Security, privacy and trust has been central to all discussions at Mobile World Congress this week and as Gary Kovacs CEO, AVG Technologies, rightly stated,
“Security is now at the center of the connected ecosystem”.
There has been a huge shift not only in the services that are being provided but also in the amount of personal and valuable information that people share without even realizing it, from how much we sleep and exercise, to how fast we drive our car and what restaurants we visit. It is amazing to think that the Internet is only 22 years old, yet three billion people are already connected online. Kovacs estimated that “90 percent of the world’s data has been created in the last two years.”
So with security being at the center of the connected ecosystem and so much data being stored online, what approach do we need to take to address the security concerns? Patrick Gelsinger, CEO, VMware, believes it is absolutely critical that we move on from the old security mindset of locking down the device, encrypting and preventing the denial of service and just adding more perimeter security. Instead, he states that we need to take the new approach of “securing the entire value chain: focus on applications and users and manage risk.”
He also stressed that security needs to be built into the security architecture which is based on micro-segmentation, rather than just creating an external firewall. This will ensure that once the breach is made, the hacker won’t be able to access the entire system but will instead be limited to a small location and aspect.
With all of this in mind, we mustn’t forget that we really do need an open industry framework to ensure end-to-end security across the digital ecosystem. This will become more and more critical in the connected world, not only within an ecosystem but also in an ecosystem-to-ecosystem model.