In an age when businesses are online 24/7 and are heavily reliant on smart devices, almost everything is connected to the internet or to each other (Internet of Things). From smart lighting to refrigerators and from talking speakers to cars: everything now has an internet link. This brings considerable benefits, such as having the lights come on automatically when you arrive home or being able to heat the car before you get in it. But there are also risks involved, since these appliances are vulnerable to cyber attackers. IoT equipment is often especially susceptible, since it is rarely updated. When such equipment is first purchased, it may be relatively up-to-date and hence protected against cyber attacks, but if it is not subsequently updated, it will become increasingly vulnerable to new attacks.

Secure application of the Internet of Things

Securely marketing and maintaining the Internet of Things is difficult for organisations and private individuals alike. On the one hand, it is not just a question of how to adequately secure an IoT product (and keep it secured), but also of how to securely use IoT products. We are all familiar with an example from the automobile industry: cars now tend to be given a software update whenever they are serviced. But how vulnerable are we following the update? And how often do we update our interactive TVs, which we may have bought as many as three years ago? These are examples from the retail market, but there are also examples in your own organisation of equipment that is linked to the internet and may not have been patched for many years.

As an organisation, you obviously want to develop and/or use IoT equipment securely. That is why you need to ask yourself the following questions:

How often do we give the equipment a software update?
How do we use the equipment to communicate and how is this communication secured?
What cloud-based infrastructure do we use and what security criteria are met?

How BDO can help you

BDO can help you with solutions for the IoT, whether it concerns the development of a new product or the use of IoT in your organisation. We can support you in working out the right security criteria and solutions for new IoT products. We offer a comprehensive portfolio of services, including:

ISO-27001 support and implementation
ISO-IEC62443 support and implementation
temporary fulfilment of the role of Product Security Officer
product security risk assessments
awareness campaigns
training in secure coding
vulnerability scans

Contact

To find out how BDO can help you with the security of your IoT or provide you with further support, please feel free to contact one of our specialists for an informal chat.