As the number of IoT devices explodes, so do the number of security vulnerabilities. Partners can help close that gap and boost their businesses, according to Fortinet Vice President of Strategic Programs Jonathan Nguyen-Duy.
Gartner predicts that there will be more than 50 billion IoT devices by 2020. Nguyen-Duy said Fortinet research has found that more than 70 percent of those devices will be vulnerable to attack, with 25 percent of all cybersecurity attacks by 2020 associated with IoT.
"That's why IoT security is such a prominent concern. Those concerns are one of the major issues why enterprises and organizations of all sizes are looking for trusted partners to help them address some of these weaknesses," Nguyen-Duy said at IoTConnex, a virtual IoT conference hosted by CRN parent The Channel Company.
Nguyen-Duy said there are particular opportunities for partners around manufacturing, freight monitoring, production asset management, and critical infrastructure. He said all of those areas are "growth areas," and IoT will represent the "vast majority of spending" in those markets.
John Van Blaricum, vice president of global marketing at Kudelski Security, said the security solution provider is already "all over this" opportunity. He said the company has already launched defined services, advanced labs to validate hardware and software, and is designing new devices.
Van Blaricum said Kudelski is working primarily with manufacturers to date but is starting to see "a lot of interest" from companies with IoT or ICS utilization. He said a recent client advisory council also had a "growing concern" around IoT.
The reason demand is rising, Van Blaricum said, is that more and more devices such as industrial control systems are being connected to the Internet. He said those were "previously considered dumb controls," but recent proof points have shown their vulnerability.
"These are now potential vectors for attack," Van Blaricum said.
The challenge for customers, Nguyen-Duy said, is that many IoT devices are not designed with security in mind, are "headless" or don't offer an operating system or processing power to run security elements, and may have passwords hardcoded into the firmware, so they are difficult or impossible to patch or update. There is also an increasing complexity that IoT introduces into an environment, with consumer IoT, commercial IoT, and industrial IoT all entering the workplace.