The UK government has announced £200,000 in funding for research to assess the resilience of smart technology.
UK workplaces are becoming increasingly reliant on the Internet of Things (IoT) in their operations. However, this means systems that gather data can become vulnerable to cyber criminal activity, with not all devices having adequate security.
Steven Furnell, senior member of the Institute of Electrical and Electronics Engineers (IEEE) and professor of cyber security at Nottingham University, said: “Most IoT devices are not doing any ongoing checks on who is using them, they are set up and can then be controlled equally by anyone, albeit maybe with a password or PIN required to get into the ‘Settings’ menu.”
“However, introducing a check each time someone wants to do something would not be possible if we rely on traditional methods.
“Biometrics open the door to making the checks in a friendly and tolerable manner, with the potential for seamless transitioning between users of shared devices.”
The UK government will reportedly award those with successful bids up to £200,000 to assess the strength of current security measures and guidance to see if they are capable of safeguarding commercial organisations from evolving threats.
Kevin Curran, senior member of IEEE and professor of cybersecurity at Ulster University said that IoT devices can be a gateway into a business’ private network, especially when personal devices are brought into the office.
“With more devices there are more endpoints, and this could lead to a chain-attack which has catastrophic consequences,” Curran said.
“Organisations need to ensure they deploy IoT devices with sufficient security policies in place, such as firewalls and intrusion detection and prevention systems, but they also need to ensure they cater for the confidentiality of their customers data.
“This is where encryption plays a core role.
“Of course, all devices need strong passwords, but it is also good practice to enforce certificate-based authentication which identifies communicating individuals and authorised device.”
The financing is one portion of the government’s £2.6bn National Cyber Strategy to protect the UK from cyber threats and expand the digital economy. The measure aligns with the Product Security and Telecommunications infrastructure bill (PTSI) currently going through parliament, which was established to improve the cyber resilience of IoT devices used by everyday consumers.
