IoT, cybersecurity and product development: the Samsung case

Last week Samsung USA posted a tweet about their QLED TVs, which was deleted shortly afterwards. The tweet advised Samsung users to prevent problems by regularly checking their QLED TVs for malware. The incident was a further illustration of the tension that exists between cybersecurity and the Internet of Things (IoT).

samsungtweet

IoT device security is a sensitive issue

The jumpy media response and subsequent removal of the advice showed what a sensitive issue the security of smart devices is in the context of the relationship between manufacturers and consumers. Are TVs unsafe? Am I at risk? It seems that users find it difficult to accept that durable consumer goods such as TVs are more and more like computers... and should therefore be treated like computers.

No need to delete the tweet

In my eyes, Samsung's decision to delete their tweet is regrettable, since the advice given was sound. Samsung's QLED TVs have an extra security feature: a malware scanning function. That's something that everyone should welcome, and it shows that the company's product developers are aware of the issues in this field.

Association with malware

Unfortunately, the people in charge of communication at Samsung take a different view. We can only guess at their true motives, but they may well have been worried that associating their products with malware would put off potential buyers. Marketeers and communication professionals generally want to give their products the most positive associations possible in consumers' minds.

Keeping quiet about an important feature

However, that kind of thinking can have unfortunate consequences where cybersecurity is concerned. By keeping quiet about cybersecurity, manufacturers are de-incentivising investment. In a competitive environment, an important product feature isn't highlighted for fear of negative publicity. With the result that consumer awareness of cybersecurity remains low, and many people fail to take the necessary steps to secure their devices. Not a healthy situation. In that respect, Samsung would do well to follow the lead of Microsoft. Ever since 2003, the software giant has drawn its partners' and users' attention to Patch Tuesday, when new security updates for Windows are published.

Inadequate risk awareness

Another undesirable outcome of not talking about cybersecurity is the effect on product developers. Product marketeers tend to define priorities on the basis of customer perceptions of added value. If consumers lack proper awareness of the internet-related risks associated with smart products, they will perceive little value in security features. And that will lead to product developers prioritising investment in other features, such as sharper displays or convenient remote controls. That would be remiss, and a policy that could well come back to haunt any manufacturer that pursues it.

Security matters to 85 per cent of consumers

According to our survey of Trends in Online Security & e-Identity, 85 per cent of consumers already consider security when making purchase decisions. Although it's the decisive consideration for only 10 per cent, that could change very quickly if disturbing incidents start grabbing the media headlines. And the implications for the manufacturers whose products are involved could be very serious indeed.

How to secure smart devices

A recent study by Delft University of Technology illustrated that most consumers don't really know how to make IoT devices secure. What features should you look for when buying? Is there a quality approval system for security? The challenge of managing an ever-expanding 'stable' of devices seems well-nigh impossible to many.

Router is the key to IoT security

Fortunately, there are convenient options for keeping the IoT secure. A device whose security has been compromised can only create problems if it has access to the internet. And, for that, it's ultimately reliant on a router or modem. Router-based detection and blocking of suspect traffic can therefore make a major contribution to issue prevention. And that can be realised using the open-source SPIN application developed by SIDN Labs, for example. In the meantime, I would urge manufacturers such as Samsung to be more bullish. Cybercrime is part of internet reality. So how about showing people that you're facing up to it in a grown-up, professional way? Tell your customers how to use their gadgets safely.

Show some balls!

Michiel_Hennekes

Michiel Henneke

Marketing Manager

+31 26 352 55 00

michiel.henneke@sidn.nl

  • Tuesday 12 February 2019

    About SIDN

    Outdated IPv4-based internet unsuitable for peer-to-peer applications

    Thumb-gaming-on-laptop

    NAT spoils gaming experience

    Read more
  • Friday 20 April 2018

    Solutions

    Got lots of domain names? Here's how to keep track!

    Thumb-chaos

    Easy portfolio management

    Read more
  • Tuesday 24 July 2018

    Knowledge

    With a new domain name in Google? Here's how to stay findable

    Thumb-search

    Your domain name is a trading name, that generates business and therefore has value. Prevent customer desertion!

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.