As we kick off 2024, the industry is awash with IoT security trend predictions about what we can expect this year and beyond. While many of these tend to be aspirational trends that won’t materialize for many years, I think we’ll see some significant innovation in numerous sectors, including cybersecurity. In particular, the IoT industry, which has historically lagged in that arena, is primed to gain ground in the year ahead.
Here are just a few of the IoT security trends I expect to see taking shape throughout 2024.
IoT Security Standards Become Standard
As IoT devices become more prevalent, there is an increasing focus on developing security standards. These initiatives will help ensure that IoT devices are secure from cyberattacks. For example, the White House Cyber Trust Mark IoT labeling program has a host of criteria to shore up vulnerabilities. Some include requiring that IoT devices have strong, unique passwords, protecting both stored and transmitted data, offering regular security updates, and shipping with incident detection capabilities.
While the program is currently voluntary, I expect it and others like it will soon become mandatory, and I also predict we’ll see these standards adopted by other countries to help address the myriad of cybersecurity concerns rather than waiting for disaster to strike. As this happens, vendors will increasingly look to distinguish themselves by collaborating with the respective regulatory bodies and participating in the initiatives to drive change.
IoT Innovations Expand Attack Surface
In 2024, enhanced 5G connectivity will pave the way for numerous emerging applications. It may seem futuristic, but we’re not too far off from a world where some surgeries can be performed remotely with the assistance of mixed-reality devices overlaying important anatomical or surgery-specific information. Other examples include innovations in autonomous vehicles and the enterprise metaverse.
As these and other industries roll out new applications, however, there will be a larger surface for cybercriminals to exploit. In the automotive sector alone, 64% of C-level executives in a recent survey believe the industry’s supply chain is currently vulnerable to a cyber attack. This emphasizes the importance of prioritizing security at the beginning of the development lifecycles instead of treating it as an added afterthought.
Machine Learning Key to Detecting Security Anomalies in IoT Devices
As the number of connected devices increases, the risk of a cyber attack and its consequences continues to escalate. Machine learning will increasingly become pivotal in helping identify threats before they become serious security risks. Organizations can use the technology to analyze known vulnerabilities and determine which poses the most critical threat.
Other applications include simulating new attack patterns to learn how best to defend against these attacks, should they occur in the real world. In 2024, you can expect a slew of new ML-driven solutions to enter the market offering these and other capabilities to improve IoT device security.
Open-Source Security Thrust into the Spotlight
Finally, I think the industry will have to confront the “dirty little secret” of open-source. As the foundation for numerous IoT projects and software, an exploited vulnerability in open-source code could create a devastating ripple effect across the supply chain.
While security pros know this vulnerability, it largely flew under the radar. However, with a recent report finding that 82% of all open-source components are inherently risky, I think a large-scale attack will happen before the industry can address these vulnerabilities. In the coming year, expect this ticking time bomb to explode with a game-changing supply chain attack that serves as the impetus to finally tackle the problem.
The new year is always an opportune time to reflect on past experiences and commit to new practices and regimens. In the IoT realm, it’s time for action. Let’s make 2024 the year of IoT security innovations limiting threat actors’ abilities to exploit connected devices and systems.