Security is Job One in the IoT World

The emergence of the Internet of Things (IoT) as a tool for building control has a tremendous number of positive implications for energy managers. But there is a dark side: The electronic linking of building devices and systems to centralized controls and the cloud raises intense security concerns.

Paul Jauregui, the Vice President of Marketing for penetration testing firm Praetorian discussed these dangers at LEDs Magazine. As the name implies penetration testing – known in the security industry as “pen testing” – is aimed at miming cyber criminals’ techniques to spot weaknesses in the security measure an organization has in place.

The piece focuses on LED lighting. Jauregui says that three major high level challenges are security weaknesses in the transport layer, the vulnerability of accounts and “shared, default secrets,” which refers to the laziness of users unwilling to automatically change pre-set passwords. Device level problems are whether or not debug services are enabled, missing patches and insecure updates, he wrote.

Lighting, of course, is just one smart element about which security professionals must worry. Indeed, smart cities include elements such as traffic control infrastructure, water and waste monitoring, security cameras and what in essence is an almost endless list of municipal elements that can be electronically monitored and controlled.

The security issues are intense, however. An article at Government Technology reports on a survey conducted by security firm Tripwire. The survey gathered opinions from more than 200 information technology professionals. The bottom line is sobering:

The results confirm that while the concern over smart city security is broadly distributed, actions to address these concerns are few and far between. To set the stage, the respondents overwhelmingly agreed (74 percent) that smart city initiatives are “very important.” At the same time, a majority (55 percent) said that cities do not devote adequate resources to cybersecurity for smart city initiatives. Clearly, while these initiatives are vital to the future of our cities, cybersecurity is a missing piece of the smart city puzzle today.

An important step is systematic, built-in cooperation between physical and IT teams, according to HD Global.

10 Tactics of Successful Energy Managers
Sponsored By: EnergyCap, Inc.

  
The New Energy Future - Challenges and Opportunities in Corporate Energy Management
Sponsored By: Edison Energy

  
The Hidden Costs of Air Compressor Operation
Sponsored By: FS-Elliott

  
Planning for a Sustainable Future
Sponsored By: Dakota Software

  

Leave a Comment

User Name :
Password :
 
If you've no account register here first time
User Name :
User Email :
Password :

Login Now