How Companies can Fight Cyber Risks in an Internet of Things World

The approach to cyber risk in most large organizations can vary by country, product, or business unit. That has worked well enough for many—parts of the business that need a more aggressive approach to cyber risk handle their threats one way, while others take a different approach.

Fremont, CA: What distinguishes the Internet of Things (IoT) from the conventional Internet? To begin with, there are people. The Internet of Things does not need human interference to operate. Sensors capture, interact, interpret, and act on information as part of the Internet of Things, providing new opportunities for technology, media, and telecommunications companies to generate value—whether by developing completely new businesses and revenue streams or providing a more productive experience for customers.

Many technologies, media, and telecommunications firms are already dealing with cyber risk issues. What are they discovering? In this issue of Flashpoints, we'll look at some of the more noteworthy trends in the fight to tackle cyber risks and capitalize on new opportunities as the Internet of Things extends its reach:

An Integrated Risk Philosophy Is Mandatory

The approach to cyber risk in most large organizations can vary by country, product, or business unit. That has worked well enough for many—parts of the business that need a more aggressive approach to cyber risk handle their threats one way, while others take a different approach. However, the Internet of Things is pushing many business leaders in technology, media, and telecommunications to reconsider this decentralized approach, as it continues to bind companies and their operations in unexpected ways. The size and scope of data being produced and processed, not to mention the fact that much of it is actually owned or accessed by third parties, complicates IoT security. As a result, several leaders are adopting an umbrella-type cyber risk model, improving cyber risk standards at every level of the company, from pre-threat to post-event. This includes preventing and detecting IoT-related cyberattacks before they take root, tracking and neutralizing threats that are already in play, and restoring regular operations as soon as possible after a threat has been detected.

Cyber Risk Management and Innovation Must Go Hand in Hand

More knowledge opens up more opportunities to build value: This is the promise of the Internet of Things. Today, entire business models are built on the concept of close collaboration among organizations – and data is frequently the glue that holds them together, driving companies to invest heavily in customer analytics capabilities in order to discover new value streams for their customers. These partnerships make use of an unusually wide portfolio of data types, including not only computer and system data but also employee rosters and inventory information, as well as non-traditional data types such as facial recognition data, facilities access data, and industrial control system data, to name a few. For many, this is uncharted territory, and data governance has struggled to keep up.

In that climate, how does one maintain firm control over data governance? If one tightens the reins too much, they risk suffocating much-needed creativity. If one pursues an approach marked by lax regulation, they could be exposed to external cyber risks. Cyber risk and creativity are inextricably linked—neither should be prioritized over the other. Some of the most forward-thinking executives in technology, media, and telecommunications are balancing these business imperatives by collaborating with business leaders both within and outside their company to create a "baseline of normalcy." Possible anomalies can be easily and reliably flagged for further analysis by recognizing what "natural" data behavior looks like.