During their weekly CIO meeting, NIATEC students examined the challenges facing the global challenges caused by Internet of Things devices and how best to motivate a more secure environment. Key points included the effect that government regulation can have on security standardization, along with the economic effects of powerful corporate organizations setting clear requirements. One critical point raised includes the need to be specific when discussing 'secure' devices, and related the approach to improving the overall security of devices as akin to improving the general health of a population: just as a population often requires vaccinations to protect the population against a specific breed of disease, so the world can drastically improve its resistance to specific avenues of attack by requiring specific controls, certifications, or standards compliance; This often requires dealing with specific threats to the population or by addressing specific vulnerabilities that are exploited by threat actors. Either way, asking 'Why isn't technology secure?' is as vague as asking 'Why isn't the population completely healthy?' A vague question will get many answers with general ideas, but to accomplish an actual goal of improved 'health' we need to address key factors that contribute to the problem.
For more insight on this issue, please contact NIATEC at niatec@iri.isu.edu
