Is the IoT sacrificing security for ‘cool’?
The Nissan Leaf is the latest in a string of IoT hacks that show why API security cannot take a backseat to ‘cool’
The recent hack of the Nissan Leaf triggered memories.
It reminded me that nearly two years ago in my first blog, “The Internet of Things – Today,” I mused about the rapidly emerging Internet of Things (IoT), and some of the cool new things that were beginning to appear, such as Anki Drive and Nest solutions. I also pointed out that in the “this is so cool!” world of development, security often takes a backseat to the cool factor.
Walk down memory lane
It reminded me of how naïve I was when I provided all the examples of the “cool factor” overriding the security factor in a follow-up blog, “Of Monsters and Men and Machines.”
Or what about these?
Addressing the security need
I can go on, but I think the picture is clear: In the IoT, security continues to take a back seat to the cool factor. I get why. Getting something out as first to market is an awesome thing. I’m a total geek and a former coder. I love to build cool things. But as a home owner, a vehicle owner and a parent – I now find myself carefully evaluating any new, cool function before I implement it to ensure that I’m not putting myself or those around me at risk.
Steps are being taken to address these security failures (albeit slowly), such as the OWASP Internet of Things Project. Organizations that are sensitive to these issues are also starting to look to software solutions like CA Mobile API Gateway and the other CA API Management products to provide a rock-solid security model and framework while their developers focus on the important (and fun) work of building cool features.
One hopes that the developers in the various IoT industries take note and get on board adding security to the coolness of IoT.