Yesterday, we kicked the 2016 IIoT Bold Prediction Series off with a bang! As a nice follow-up, and second iteration of the series, Tim Mester, Principal Engineer of Advanced Technology at FreeWave, presents his Industrial IoT bold prediction:
Prediction #2: Government Regulations Coming for IoT and IIoT Devices
Due to a major security breach or reliability failure in connected devices or systems used in the Industrial IoT space, governments will be compelled to create and enforce new regulations on all IoT (and IIoT) devices, much like what is happening with the drone industry.
(Note: IoT security breaches are not unheard of, as pointed out in this recent article by Bill Montgomery and Glenn Longley’s latest prediction as the first part of the bold prediction series.)
But, like drones, the barrier to entry into the IoT space has been lowered by improvements in technology. For IoT/IIoT devices, it is by the proliferation of a low power “system on chip” technology (SoC) and platforms like the Beagle Bone, Raspberry Pi and Arduino. Also, the Open Source software that is available allows developers to quickly pull products together based on these inexpensive SoC’s. Now that we can quickly have these products, how do those procuring these know that they are secure? How do they know they will be reliable and will not fail in mission critical applications?
Companies that are already experienced in the M2M and IIoT space understand these issues and concerns. They take the necessary steps to ensure that they can deliver secure and robust devices to their customers. But what about the new comers? The ones that took the easy route? The ones who do not have the experience in this space?
As IoT/IIoT data and control becomes more sensitive and critical, concern will grow concerning the robustness of all of these devices that our lives are becoming dependent on. I believe that we will see a surge of government regulations that mandate the levels of security and reliability for IoT and IIoT devices. We are already seeing the beginning of these types of government regulations being mandated in some critical infrastructure industries and this will only perpetuate.
In smart grid projects, for example, operators must take into consideration the cybersecurity reliability standards which FERC oversees. This helps operators choose a more cyber-hardened technology. On the other hand, for industries that do not have these standards in place yet, there remains a tradeoff between “secure” and “easy-to-use.” When strong cybersecurity has not been mandated, people tend to avoid the “harder-to-use” option that is typically more secure.