Security for the Internet of Things remains a challenge

European legislation is in its infancy

In our recent survey of Trends in Online Security & e-Identity, considerable attention was devoted to the rise of the Internet of Things (IoT). A small majority of surveyed consumers feared that connecting 'things' to the internet would make it less secure. And subsequent events have demonstrated that their concerns were well founded.

meerderheid bezorgd iot

Risks from the Internet of Things Q: How does the Internet of Things influence the security of the internet in the Netherlands? (n=2095)

More security incidents

Researchers recently discovered that many expensive Bluetooth-enabled door locks could easily be opened using a smartphone. Consumers often forget to secure their devices by setting a password. In many cases, manufacturers do take steps to address the issues, but are reluctant to stress potential problems, for fear of losing customers. The commotion caused by Samsung deleting a warning tweet earlier in the year is a good example of such thinking.

European legislation is in its infancy

For some time, the Dutch government has been pressing for European regulation of the IoT. As part of its campaign, the government has linked up with the business community to produce the Roadmap for Digital Hard- and Software Security and is actively lobbying within the EU for stricter controls. One of the measures sought is the introduction of pan-European minimum security requirements for smart devices from 2020.

Smart devices become insecure with age

Whether the IoT can in fact be regulated is debatable, however. It's a complex market offering a huge variety of devices, from solar panels to toys. To complicate matters further, devices usually become insecure only with age. Because, for example, the product has been discontinued, and the manufacturer no longer offers security updates. Against that backdrop, how can the proliferation of smart devices be kept secure? And can consumers and businesses be expected to constantly check whether all their devices are up to date?

More security checks needed

Legislation alone is not the answer. The management of IoT-related risks depends on vigilance as well. One obvious way forward is to look at the router that connects devices to the owner's home or business network. A scan of the router -- using our specially designed SPIN software, for example -- can quickly identify any suspicious behaviour.

Nevertheless, stricter European regulation is indeed desirable. If only to get consumers and businesses to open their eyes to the risks, and to raise awareness of cybersecurity.

  • Tuesday 5 March 2019

    About SIDN

    Could DNSSEC have protected the DNS against recent attacks?


    ICANN called for the adoption of DNSSEC

    Read more
  • Wednesday 30 October 2019

    Internet security

    New boost for IPv6 implementation in the Netherlands


    Global adoption of IPv6 continues

    Read more
  • Wednesday 5 June 2019

    .nl domain name

    A professional e-mail address helps you succeed in business


    Professioneel adres wordt serieuzer genomen

    Read more


Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.