It is perhaps telling that when preparing this blog post, I had to add the word “wearables” to the dictionary of my word processor. We are still at the very beginning of the journey into an interconnected “Internet of Everything” but the truth is that every beginning exists in its own unique circumstances. The circumstances surrounding the Internet of Everything are these:
This journey is not at the walking pace of the Enlightenment that lasted 100 years, or the brisk trot of the Industrial Revolution that unfolded over about 60 years, it’s not even the canter of the Facebook revolution, from zero to one billion users in just 12 years. Now we’re at a full-on gallop (and if I’m lucky enough to still be writing about the next great shift I’ll need to think of a new analogy!)
Let’s not fool ourselves; let’s not be complacent. When we say in our predictions that devices in the Internet of Everything will be largely saved from attack due to the great diversity of form, function and operating system we are talking strictly short-term and The Unavoidable Acceleration of Everything (there were zero returns when I searched for that phrase, so I’m claiming it) means that that short-term is forever shrinking.
In the absence of a common operating system or code base and in an ecosystem where devices and services are increasingly designed to interact APIs become the new attack surface and they are currently more than doubling in number year on year, every year and these are still the very early days. APIs mean business, both legitimate and criminal.
Attackers will continue to search for the weakest link. A compromise at any point in the chain of information will lead to amplified effects in unforeseen or unnoticed areas as devices, processes, people and services become increasingly both interconnected and autonomous at the same time. Complexity is the enemy of security, in the interconnected Internet of Everything, tracking down the source of misinformation or the point of compromise may become impossible for the average consumer or business.
Unless proper authentication of the integrity, provenance and validity of information can be designed into the processes, devices and decision-making of the future, we’re not just opening up a new attack vector, we’re opening up our lives, our enterprises and our homes.
Please add your thoughts in the comments below or follow me on Twitter; @rik_ferguson.