What risks and extra costs arise if cybersecurity in IoT use cases is not implemented and monitored along the entire lifecycle? Why is it essential for the success of IoT applications that IoT protocols are transmitted reliably and securely in the IoT network? And what should companies consider with regard to cybersecurity in the various project phases of IoT projects? We spoke to Axel Dittmann, Senior IoT, Data & AI Technical Specialist EMEA, Microsoft Germany, about best practices and avoidable mistakes.
From your expert perspective: What is the major challenge in terms of connectivity in IT use cases?
Axel Dittmann: A key challenge is harmonising the different protocols. There are several IoT communication protocols used in communication between devices in the IoT network. IoT protocols are designed to ensure that information originating from one device or sensor can be read and interpreted by another device, gateway or service. If the transmission protocols do not include security, there is a risk that the data will be manipulated during transmission. This results in the problem that analyses are based on this altered data and lead to the wrong conclusions.
Let’s take predictive maintenance for the maintenance of machines in industry as an example. If incorrect data is transmitted due to a data leak, the algorithm that is supposed to calculate future scenarios for the failure rate of the machine, for example, is changed so that it generates false values, which again results in additional costs for me. For example, by using a maintenance mechanic too often or incurring extra costs because I cannot predict outages correctly.
Which strategy and measures will enable companies to master the challenge of IoT connectivity and cybersecurity in the complete lifecycle management of IoT use cases?
Dittmann: It is important to implement reasonable security mechanisms and to renew them permanently throughout the lifecycle of IoT projects. This includes, for example, certificate-based authentication, ensuring that devices are also covered in terms of IT security and continuously verifying that the certificates and authentication mechanisms are valid and that data has not been changed during transmission. Conversely, this means that renewable security must be implemented in IoT solutions. Unfortunately, we experience time and again that a solution is simply implemented because it has to be done quickly and cybersecurity is neglected as a central factor along the entire life cycle in the IoT sector.
Thank you very much for your time and the interview!