In new markets, the return on investment of projects can be minor, and in some cases negative in the short term. Companies invest to learn, to test market fit and to build a foundation for future success. The internet of things is now moving beyond these early days, and there are multiple ways to drive positive ROI from IoT connected products. Both direct revenue and indirect value from IoT data can quickly impact a company’s top and bottom line.
Increase ROI through more product sales
An increase in direct revenue from an IoT-connected product can come in a variety of forms. The most common is through new features that are only in connected devices. These new features create differentiation and value in the product, driving customers to buy the connected product instead of an unconnected product. The simple example of this is a connected thermostat. A connected thermostat allows users to remotely control their device through an app, utilize multiple sensors to provide more uniform temperature across a house or office, and integrate the thermostat with other systems such as lighting or window shades. All of these new connected features create smarter products which drives customer adoption and increased sales.
Increase ROI through recurring revenue streams
Companies can also increase revenue through new sales and service models. A simple example of creating a recurring sales model through a connected product is the Amazon Dash Button. You place this device at a location where you have a consumable, like laundry detergent or coffee pods, and when you need a refill you hit the button to get your next replenishment. Where Amazon falls short is that the customer must remember to hit the button and have enough buttons for all their consumables. For product manufacturers this auto-replenishment model is an exciting new opportunity to create a recurring revenue stream with an end customer. I have worked with printer, pet care, life science, agriculture and energy companies to create automated replenishment models that have dramatically increased the ROI of a connected product project. This extends into service models as well, where a product service contract can be signed with a recurring revenue stream that allows for remote device management and support.
Increase ROI through indirect revenue streams
Beyond direct revenue from the sale of a product, or parts and services supporting that product, there are a variety of other ways companies can make more money from connected products. One of the biggest areas that is being unlocked through IoT-connected products is data markets that allow revenue to be made through the data or features that a connected product enables. A great example of this is the work Con Edison, a utility company, is doing with their smart air conditioner program. By connecting consumers’ home AC units, Con Edison can promote better end user behavior to manage peak electricity demand. The data flowing from a connected product opens new opportunities to monetize that data. Another example of this is through new service models delivered using connected devices, like in the healthcare industry. By enabling connected products and devices, companies can create new ways to deliver services to their customers. It may not be the connected product itself that is creating a new revenue stream, but instead the collection of devices together provide a new service revenue stream.
Increase ROI through cost savings
The final area that companies can increase the ROI of IoT is through cost savings that include risk avoidance, improved product quality and more effective marketing. By having a product connected, a company gets a real-time view into the health and usage of that product. This allows a company to better manage product risk of failure, downtime and service costs. An early example of this is in the insurance industry with companies like Progressive and its Snapshot product. Consumers can lower their insurance costs by driving data back to Progressive, which allows the insurance company to better manage risk. Similar IoT data will also lead to higher quality products, as companies can better understand why products out in the market are failing. Connected products are disrupting a multi-billion dollar product, user and market fit testing industry. Companies will have an unprecedented view of how customers are using their products, what features they adopt first and if they stop using the product. This will improve the ROI of product development processes, marketing programs and other costs of designing and launching products.
As companies approach IoT and connected products, there are a variety of ways to create a strong ROI. There are ways to generate new direct revenue streams from connected products, indirect revenue from connected product data, and reduce the costs of developing and launching a product. With the IoT industry maturing rapidly, companies need to have both top- and bottom-line business goals in place for connecting products. There are numerous ways to make an IoT project profitable, so the question for companies today is how to prioritize their investment to get products to market quickly and to start gaining valuable new insights from that data.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
Having spent a good part of the short and elusive British summer studying the inner workings of IoT security, I am now most delighted to be in a position to present on the findings of my research. The full report on the topic is accessible to Machina Research clients, but as always we have made some of the observations available to the wider audience in the form of the report abstract and the press release, and in the following I will be sharing even more of them with the TechTarget community.
For starters, I would dare to argue that “IoT security” as a term is almost an oxymoron. The security needs of a light bulb and, say, an industrial control system are, not too surprisingly, worlds apart, so it is somewhat unhelpful to put them under one huge umbrella. That, though, prompts the question whether “IoT,” as such, is also an oxymoron, which for an IoT analyst is a rather uncomfortable thing to ask, so it may be better if we don’t track that train of thought any further. Either way, given this backdrop, it should go without saying that the security needs in the internet of things are fundamentally application-specific and contextual.
As a consequence, any enterprise that is working on an IoT deployment should carefully assess the risks involved with conceivable security incidents, and then determine how much money it is willing to spend on minimizing and mitigating them. The results may vary by geography: for instance, the new GDPR framework in the European Union will inevitably alter the economics of IoT projects in Europe. The “right” level of security is seldom “as much as possible,” and quite often that right level simply can’t be achieved without prohibitively compromising the application’s user experience or its underlying business case. When the risks and the costs don’t align easily, the only choice is sometimes to scrap the project.
With this long-winded caveat against over-generalization in mind, let’s delve into a few technological enablers that could be realistically seen as the main building blocks for a more secure internet of things:
- Threat intelligence and analytics: Increasingly sophisticated threat intelligence, driven by big data, is largely seen in IT-centric cybersecurity as the key to protecting enterprises against the dreaded zero days, and this area holds a lot of promise in the IoT as well. In particular, this is interesting when it comes to industrial IoT. On one hand, IIoT applications tend to involve such a large number of possible combinations of different hardware and software elements, sourced from different suppliers, that understanding all of the possible security implications can be extremely difficult. On the other hand, once a machine-learning scheme has established a baseline for what counts as the application’s normal behavior, the robustness of its anomaly detection should be more reliable than is the case with applications whose behavior keeps changing more dynamically.
- Virtualization and hypervisors: Having already transformed app development and deployment in the traditional IT, virtualization will also be entering the IoT scene in earnest over the next couple of years. The hypervisor-based (i.e., full) virtualization techniques represent a game-changer especially from the security standpoint by allowing enterprises to isolate an application’s mission-critical and non-critical features from each other on a highly granular level. This, for instance, has the advantage of streamlining the burdensome equipment re-certifications, which are typically required if the code affecting a feature that the OEM has defined as critical to the device’s security and/or safety is changed in any way. The approach does not yet make IIoT exactly DevOps-savvy, but over time it can certainly help smoothen some of the friction related to the IT/OT convergence. Besides hypervisors, the Trusted Execution Environment, or TEE, is another isolation technique that will warrant extra attention, following its breakthrough in smartphone security.
- Fog computing and intelligent gateways: While most of the industry interest related to fog computing has to do with its potential for edge analytics, the technology concept has also a distinct security aspect to it. Particularly with IoT applications that comprise a high number of dispersed and resource-constrained endpoints, a sufficiently capable master node, such as an “intelligent” gateway, should be seen as an anchor for the less secure end devices that reside below it in the network topology. Distributing security capabilities to the network’s edge through IoT gateways enhances security in various ways — including e.g., identity and access management, device authentication, cryptography, threat intelligence and incident response.
- Blockchain and distributed ledger: While its terminologically more famous incarnation, the blockchain, is without a doubt overhyped in the IoT context, the distributed ledger is something to keep an eye on. In settings where the number of both end nodes and their transactions can be appropriately restricted, it could become the new norm for ensuring the integrity of data over the application lifecycle of complex IoT systems. The ledger model could, for example, prove valuable in securing deployments such as vehicles, assembly lines and weapons systems, by providing different software-defined system components with trust that none of the other components have been compromised. As such, it could be instrumental for the evolution of what we at Machina Research refer to as Subnets of Things.
In all four areas, the focus is mostly on securing enterprise IoT, yet elements of them can be expected to trickle down also into consumer IoT, where the security outlook, in general, is currently much less clear. On the enterprise side, the pros and cons of security tend to be fairly tangible, but it may eventually take a regulatory nudge or two — similar to GDPR — to improve the situation also in consumer-facing devices and services.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
Every time you turn around there is some sort of bullish forecast on the number of connected devices enabled by the internet of things. One example is this forecast predicting over 24 billion IoT devices by 2020 (and 34 billion total connected devices). Yet with all of this hype, some will tell you that we are still not articulating the real value of IoT and its impact on the business ecosystem. Tim O’Reilly said in an interview last year that Silicon Valley is “massively” underestimating the impact of IoT: “But I think they are missing the point. They are creating some gadgets, but they aren’t thinking about systems.”
After looking at the enterprise IoT space for the last couple of years, I also believe that the impact of IoT on the enterprise will be massive, disruptive and, in many ways, underestimated. Why underestimated? Much of the hype around IoT today is based on consumer context: I have a smart thing that I monitor and control with a smart device that uploads smart data to the cloud so I can have smart analytics about my smart thing. This conversation can apply to all kinds of consumer scenarios, and often drives people to think of IoT in the context of smart things/smart devices.
IoT challenges in the enterprise
The reality is, in an enterprise environment, IoT will be much more complex than the individual smart device/smart thing relationship. It gets back to Tim O’Reilly’s point about systems. When we started talking IoT initiatives nearly two years ago, we found most people were not excited to talk about IoT as it related to a new sensor, device or gadget. Instead, they were intrigued when you talked about the potential for IoT to help solve complex business problems. As organizations become increasingly digital in all aspects of their business, new challenges in managing the connections, devices and applications that make up their digital business arise. This is especially relevant as enterprise applications evolve to be a collection of services and interactions spread across the cloud, on-premises systems and devices/sensors/things.
The value in this enterprise context is the potential for IoT to manage the interactions within this complex fabric of new sensors, gadgets, mobile devices, apps and old legacy applications and physical infrastructure. But, how exactly does IoT help manage this complexity? This is where you move the IoT conversation beyond things — where a “thing” is defined as some sort of sensor or device — and more toward how you can solve complexity by integrating things together and automating processes within the digital business. Essentially, IoT can help the enterprise deliver integrated experiences across applications, devices and cloud services in an increasingly digital world. This is where the evolving IoT platform comes in to play.
The evolving IoT platform
That in itself sounds challenging, but haven’t we been talking about integration challenges in the enterprise now for decades? According to IDC, “The IoT platform, at its most basic level, is the middleware that connects endpoints to applications, enterprise backend systems and analytics tools.” The IoT platform has the potential to be the orchestrator for the digital business; connecting the new and the old, managing workflows and leveraging these workflows to better understand the best way to operate the business. The challenge with IoT platforms is immaturity. There are all kinds of choices out there, with new platforms announced by the day, and probably no one platform that meets all of the needs for the enterprise. And, many of the IoT platforms have the look and feel of a developer tool set, requiring the enterprise to invest in building their own IoT solutions.
Much of this is expected, as it is still early in the evolution of the IoT platform. But, this can also slow adoption until IoT systems mature. Last year, Gartner stated that 42% of organizations are using or planning to use IoT solutions within the next 12 months. This also demonstrates that nearly 60% of organizations are not planning to use or deploy IoT solutions in the next 12 months. It would also not be surprising if many in that 42% are in the early pilot stage or testing stage. In conversations with customers, it is clear that in some markets, there are mature plans for enterprise IoT deployments (like manufacturing, smart cities), but we are just at the beginning of enterprise IoT adoption for many other industries like healthcare and education.
While IoT in the smart thing/smart device context is seeing successful traction, the current challenges with IoT platforms may make it difficult to determine when is the best time to launch an enterprise IoT project. To determine whether IoT is a fit, take a close look at your business needs and business processes, and ask the question, “Are there current business challenges and inefficiencies that could be addressed through better integration and orchestration?” As organizations continue down the path of digital transformation, as they move to connect apps, devices, services, data and people spread across the globe, IoT will increasingly be viewed as an opportunity to orchestrate away complexity for the enterprise.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
Convenience. Better security. Energy savings. Healthcare and fitness tracking. The internet of things is already providing these benefits to those who have invested in wearables, connected security systems, thermostats, lighting and a growing number of commercial applications. According to Juniper Research, over 38 billion connected devices will be in use three years from now.
From these early adopters and initial applications, where do we go next?
Challenges to wide-scale adoption still need to be solved. For example, how do you enable a device with no user interface? Without an interface, connected objects have no way of knowing a user’s intent. Another concern is security on an open network. But the biggest challenge of all is bringing IoT to all the unpowered objects that lack an internet connection.
This last challenge is particularly difficult in the smart home. A good overview of the situation is offered in the “Simplifying IoT: Connecting, Commissioning and Controlling with NFC; NFC Makes the Smart Home a Reality” white paper. The white paper outlines how Near Field Communication or NFC will benefit smart home devices and provides five pages of real-world use cases for NFC and IoT devices.
I believe NFC provides four key capabilities that will move IoT to wide-scale adoption.
- The ability to connect the unconnected: NFC solves the challenge of unpowered objects lacking network access. Embedded NFC tags in these unpowered objects allow intelligence to be added anywhere. Tap an NFC-enabled device to open a URL and deliver content to improve the user’s experience.
- User control with expressed intent: NFC offers the simplest, most intuitive way to indicate a user’s interest to take an action. NFC puts users in control of IoT by enabling connections on their terms and how they choose.
- Easy network access and data sharing: NFC makes connecting devices easy and intuitive. No lengthy hand shaking or data entry required. Tap your NFC-enabled device and you’re connected and can take advantage of IoT.
- Data security at multiple levels: Hackers can compromise an open network. NFC solves this problem for IoT users with features that limit eavesdropping and easy-to-deploy options for additional protections to match each use case.
Near Field Communication has the features and functionality to be a key enabler of IoT devices and foster wide-scale adoption. It can bring IoT to unpowered objects with its ability to connect the unconnected. In addition, NFC can put IoT devices under a user’s control, is easy-to-use with its “tap-and-go” functionality and provides a number of security options.
As IoT solutions continue to expand their audience, the work they’ll be tasked with will be increasingly complex. For example, smart cities will feature IoT connected surveillance, automated transportation, smarter energy management systems and environmental monitoring. In healthcare, IoT monitoring of vital signs will help patients avoid infections and assist in earlier care of medical conditions.
However, more complex solutions require more attention to product design details. Common mistakes companies make when they embark on an IoT design project can delay or even cripple implementation. Here are six IoT design mistakes to watch out for — once they’re identified, they are simple to avoid.
- Failing to determine whether the product should even be connected. Technology for technology’s sake is an expensive indulgence few companies can afford, yet it happens more often that you’d think. It commonly happens when an executive wants to enter the IoT world in an attempt to be part of a trending technology. Without a clear rationale, the project will flounder. Solid research conducted before embarking on a project will inform your decision and determine whether the device you’re designing should even be connected. If the proposed IoT product is determined to be viable, that initial research will serve as a reference point throughout the design process. When a decision needs to be made or is challenged, the research will help provide guidance.
- Selecting a hardware platform that can’t scale. When adding intelligence to a product that wasn’t connected before, many startups select hobbyist-grade boards. The trouble is, successful IoT products are not mass produced in Dave Packard’s garage: If the device takes off, production can’t scale, because you can’t source thousands of that type of hobbyist board. Do your research and think big: Only source components for your product that will be available and inexpensive to buy now and in the future.
- Ignoring the cost of meeting regulatory requirements. Regulatory testing is another important part of any IoT product design effort. Regulatory requirements and required certifications must be factored into the design. Because they are connected, IoT products must be tested for radiated emissions and susceptibility. If they plug into an outlet, conducted emissions and susceptibility could come into play. Additionally, cellular carrier testing must be performed. Such tests can be costly and time consuming. Selecting components that are pre-certified will drastically cut down those efforts. Pre-certified parts are more expensive, but they eliminate the headaches involved with getting certifications later. Definitely the way to go for an initial market offering.
- Tacking security on at the end of your design effort. Security needs to be baked into your IoT design process, not added on as an afterthought. It’s a must-have feature, not simply a nice-to-have one. The number of connected devices is astounding. Already there are more connected devices than people on the planet, according to Norio Nakajima, an executive vice president at Murata. By 2020, there will be 50 billion connected devices, outnumbering people by more than 6 to 1. The potential for a breach is enormous, and the results could be devastating. Bad guys often scan for poor or misconfigured security. Consider end-to-end security mechanisms, end-to-end data encryption, access and authorization control and activity auditing.
- Underestimating the importance of an honest-to-goodness design firm. While many startups spend a lot of time researching the contract manufacturers that will handle product assembly, they don’t do their due diligence when selecting a product designer. The common problem is that contract manufacturers will include the skills of their design engineers on staff, and startups enjoy the convenience of this approach. While it might save some time and money initially, these designers often don’t have the skills or expertise necessary that a more focused shop typically will. Nothing burns through a budget as quickly as having to redesign a product that does not meet the required functionality.
- Not ensuring the user of the device is in control. Ultimately, the person using the device is directing its activity, whether it’s connected to other devices via the internet or not. Sometimes, for example, the network is down — there is no Wi-Fi. It makes sense for a product to have some functionality even when it isn’t able to connect to others, for example by buffering sensor data or just having a killer industrial design. By making the device usable when disconnected, you’re underscoring the fact that you’ve created a product in which the user is in control. That’s important for some potential customers who may be uneasy with all the connectivity inherent in IoT products.
While the progress of complex IoT devices is exciting, it is important to remember the basics as well. Solid project management is just as important as avoiding the above mistakes when shepherding a leading-edge technology device from inception to the manufacturing floor. Selecting the right engineers for the design team, who have technical — as wells as communication — skills, is also critical to success. Finally, staying within budget parameters and meeting deadlines ensures the plan will be completed successfully — increasing the chances of future projects.
The internet of things is growing faster than we can blink. According to a 2016 Verizon market report, the IoT market is expected to grow from $591.7 billion in 2014 to $1.3 trillion in 2019. Additionally, the install base of IoT endpoints is expected to surpass 25.6 billion by 2019 and hit 30 billion by 2020.
This continued, rapid growth in IoT has created a world of limitless opportunity for businesses from nearly every category — from healthcare to fitness wearables to smart home appliances to connected cars to the industrial shop floor. No matter their differences, all of these companies have one thing in common: the ability to connect “things” and enable new business models as never seen before.
But operating a successful IoT business requires a lot more than offering a niche technology. It requires figuring out how to monetize that technology too, and this involves learning from past IoT mistakes.
With the collective ecosystem around IoT utilization expanding, figuring out how to create new revenue models and bill for these services — and do so quickly — is more important now than ever. Businesses that are doing this effectively are using elastic digital infrastructures to quickly adapt to changing market conditions and capture, measure and monetize all the massive amounts of data that IoT provides. Businesses that are doing this poorly are failing to future-cast for market changes and relying on old billing paradigms that don’t sync with new IoT infrastructures.
Case in point: Revolv entered the smart home market in 2012 with a control system that allows users to control all of their connected devices from a single hub. It quickly rose in popularity and value and was acquired by Nest in late 2014. However, it soon became evident that one of Revolv’s fundamental challenges was making money at the hub level. In April of this year, the company announced it would be disabled and would discontinue its line of smart home devices. Revlov CEO Tim Enwall, mentioned that one of his main takeaways was the company’s failure to future-cast changes in the IoT market and establish a recurring revenue model that worked.
Learning from IoT mistakes
Revolv teaches us a lot about what not to do when driving an IoT business. First and foremost that there’s no such thing as a “free lunch” in IoT — companies cannot launch new connected products and services without a clear path to sustainability.
Second, it’s critical for companies to be able to offer new pricing and packaging options that not only drive adoption and revenue in the present, but also account for potential changes in the future. Long-term profit in IoT ultimately begins and ends with an agile, adaptable monetization platform. And that platform should use development methodologies coupled with very short and parallel sprint schedules to assure it can adapt immediately to new client requests or develop innovative approaches to monetization in advance of market needs.
When planning an IoT initiative, companies need to think creatively and implement an agile monetization engine from the get-go. And while there are many differences, all agile monetization engines should encompass the same characteristics. They should not only allow for rapid time-to-market, but also re-enable the bundling of subscriptions as well as the ability to charge for any usage or consumption event. Furthermore, they should be able to calculate in real-time variables to dynamically maximize revenue. Uber does this brilliantly — it made surge pricing a household name whereas in reality this is dynamic supply and demand pricing in real-time. IoT initiatives should be able to capitalize on dynamic pricing as well, but it requires having the right monetization platform in place.
Perhaps the most important thing for companies to know about entering the IoT realm is this: the possibilities are limitless. Service offerings across all areas of the IoT are inherently different — some are wrapping services around capabilities and data while others are capturing revenue based on how specific sensors are being utilized. No matter the service, companies need to think differently about how they can derive value out of their products. The more creative companies are in how they package and price, the more opportunity they create to maximize revenue.
The internet of things is about converting the objects that surround us every day into a community of information. IoT devices turn billions of objects into data-generating “things” that can report on their status and even interact with their environment. These appliances can certainly connect through a lot of different ways, one being the cellular connectivity.
Wi-Fi vs. Cellular connectivity
Obviously, Wi-Fi reception is limited to the access point. It is also highly dependent on the network and device configurations. Cellular has reception everywhere without any maintenance effort for the customer. It means that with telecom access a large-scale, investigation is possible. Given the ubiquity of SIM-based devices, cellular solutions can achieve an unbelievable level of coverage for observing any events.
Mobile connectivity is becoming an integral part of IoT. Most use cases are designed for mobility. It in turn makes it an extremely compelling project topic. IoT Slam 2016 conference held a survey with a number of questions about connectivity. The first question was “How important cellular connectivity for your IoT projects?” Surprisingly, 75% of all participants answered that mobile connectivity is very important.
Challenges in the integration of IoT
There are an enormous amount of IoT use cases around us nowadays, such as payment terminals, fleet management, smart metering, asset tracking, smart home, security and surveillance, and e-health management. When an IoT device has just a single network, it simply will not always have the best quality of coverage. Users often experience difficulties in achieving flexible, secure and global connectivity for IoT devices, such as high integration effort, different APIs, troubles with network and device configurations, and limitations and dependences on core network capabilities of the mobile operators. It is also quite complex and difficult to enforce usage and security policies and the integration point with an infrastructure.
The solution for many IoT projects nowadays can be a multi-network SIM card. With the help of such solutions, users can create their own network. Therefore, it replaces the core of the existing operator network, scalable, cloud-based and globally distributed. In other words, there are no dependencies anymore, no different SIM cards and GSM connections could be available in any possible place.
The real-time monitoring of the devices is fundamental for collecting data. From the implementation side, there are no more difficulties for the users because of the direct control over SIM cards. Furthermore, it is one of the most important features. Real-time management of data usage, location and status of the devices can be done in the customer portal or via API.
It perfectly fits when the project requires the permanent connection on the IoT device at any place with the maximum possible existing coverage worldwide. At the same time, the devices can be located in different places. Consequently, it is hard to make sure that the same provider covers all locations. In this instance, it might be much easier to choose a multi-network SIM card. As a result, users receive independence from the mobile network operators.
With this basic overview of cellular connectivity solutions for IoT and potential of multi-network SIM cards, we easily can translate our individual needs into actionable results that could benefit the growth of IoT and society in a whole.
During an ultrasound test, both the patient and the doctor expect the data to tell an accurate story. However, in a distributed ultrasound design, the probe itself is an IoT endpoint. It is no longer wired to local ultrasound electronics, but wirelessly transmits the sensed data over low-latency networks to a remote facility. Cloud-based ultrasound apps and hardware analyze this data and deliver the processed information to the doctor in near real time.
This enterprise IoT use case is a significant breakthrough for healthcare providers. Instead of using expensive medical equipment (like an ultrasound) as single-user, standalone systems with distributed design, they can now scale up and offer superior patient care at a lower cost … only as long as the operations run securely and undisrupted. Because a cyberattack can not only corrupt sensitive diagnostics data, but can also threaten to disrupt critical healthcare infrastructure and even cost human lives.
In today’s internet, a security breach in a bank data center could compromise private information. It can trigger financial losses and identity theft of customers and employees. This is bad enough. But when critical operational infrastructure such as a smart water purification plant, nuclear facility or connected ICS/SCADA systems are exposed to cybersecurity threats, the risk-reward ratio skyrockets.
Until now in enterprise OT, obscurity was security. However, to remain competitive and exploit newer revenue streams fueled by IoT, isolation and obscurity are no longer viable.
OT innovations demand open connectivity
Industrial enterprises have assets geographically dispersed. Data networks are used for centralized supervision and control. These networks typically run vendor-owned proprietary protocols and hardware, usually very specific to a given industry vertical.
However, the networks in use are often outdated (think about modems), and mostly segmented away from corporate networks. This isolation along with non-standard technologies may have reduced cyber vulnerabilities for OT assets, although could not guarantee full protection against cyber hazards.
Two well-known cyberincidents in recent years are Stuxnet and Flame. In case of Stuxnet (discovered in 2010), Iran’s nuclear enrichment program was targeted. Initially, it spread using infected removable devices. It eventually infected 100,000 computers at 22 manufacturing sites and destroyed 1,000 centrifuges. It exploited the controller architecture by hijacking a vendor’s dynamic link library driver.
Duqu and Flame happened in 2011 and 2012 respectively. Duqu was a Trojan horse that captured and expunged data via a jpeg file. Flame was a spyware discovered in Iran oil and nuclear installations. This was more complex than Stuxnet; it could record audio, screenshots, keyboard activity and network traffic.
IT and OT convergence, led by the industrial internet, exposes operational assets to open connectivity and standard protocols. It also opens doors for newer threat vectors. The resulting impact of a breach may well surpass Stuxnet in enormity.
Combating the industrial Trojan at large
Wurldtech, a cybersecurity vendor for the industrial internet, has released certain proactive threat countermeasures unique to the OT landscape. WurldTech’s Executive Director of Product Management Tom Mueller observed, “One of the main threat vectors of industrial automation equipment is the communication interfaces that are used to connect and build systems for automation.”
He further noted, “Assets that are being operated and controlled by industrial automation systems have demanding operational missions. Many of these systems are required to operate 365 days a year for many many years between outages without failures.”
These unique operational lifecycles demand layers of protection to stay ahead of emerging threats. The very dynamics of enterprise OT requires us of think and approach cybersecurity differently than what we have done for IT.
Unlike in IT, in OT we are dealing with machines and devices whose lifetime is measured in decades, not years. The concept of automated patch release and install is absent. Upgrades are few and far between.
Industrial systems are more deterministic and less fluid compared to IT assets, but OT system downtime is not acceptable. Control and availability is more important in such cases than data confidentiality.
Cybersecurity technologies for operations must factor in these unique differences. The security solution must make sense in OT reference frame and be deployable in industrial environments. Because in event of a cyberattack, we may not get a second chance.
My life was different than my parents’ lives, and I am sure their lives were also different than their parents’ own lives. I remember my grandmother telling me the story of when she gave birth to my father — seven days in the hospital, with pain, time and uncertainty defining the experience. Then I think about my kids’ lives and how different their experiences have been than my own when I grew up — I had no cell phone at school (there were no cell phones, period), no internet, no seat belt laws, the news came from the networks and newspapers, and visits to the dentist were blindingly painful.
All of these experiences were pretty normal to me — but that was 1968. To suggest that our childrens’ lives will be different than ours, on any dimension, is obvious. So making the statement that our kids’ lives will be different because of mHealth is also a statement of the obvious. In fact, qualifying the statement with mHealth is unnecessary unless one cares about its specific impacts. However, I think mHealth is an interesting and important qualifier, and one worth discussing more. The change on every level is inevitable, but for mHealth, the rate of change, magnitude of change and, most importantly, the scope of change are worth considering.
Like all things IoT, one of the key aspects of mHealth is the increase in the granularity of the signature. IoT gives us much more data about manufacturing machines, cars, refrigerators and, of course, our bodies. But since our kids have grown up with the internet, it is a given that the far-reaching capabilities of IoT and the many types of associated advanced technology, such as mHealth, will not phase our kids in any way. As mHealth continues its progression, our kids naturally will not think twice about shoes with sensors in them, Fitbits, wearables ranging from watches to underwear that are recording all types of information about their daily activities, nor about their temperatures, heart rates, blood oxygen levels, etc. — all this has become expected.
But the real question to consider is what is done with all that information? First, it will create a much more precise biological signature of our children meaning all the things doctors need to ask about when you visit will already be evident and far less ambiguous — the data doesn’t lie.
Then there is the question of the doctor herself. Are you visiting her office two miles from home? Or, perhaps you are seeing an LPN with full access to specialists via telemedicine — for example, you may be in Peoria, but the pediatric cardiologist might be at Northwestern in Chicago, with the full knowledge of the digital signature your body has been creating. Moreover, the specialist might be using extremely advanced tools on you from 200 miles away with the help of the LPN as if he were right in the room — he just cannot physically touch you.
Furthermore, the digital signature you have been creating can also be mapped against what has been revealed by your DNA analysis. That very detailed digital map (which was never available to me when I was a kid, and would have been beyond unaffordable for my children), will be pocket change and quick to acquire for my grandchildren. The ability to not only diagnose based on certain conditions, but now based on a highly personalized map of you specifically, has moved from technologically possible, but impractical (i.e., to the point of unrealistic), to the point where that level of specificity will be normal. The rate of change is now moving very fast, and the magnitude of the change is mind blowing.
Another question to consider is are you an upper-middle class family in Connecticut who has had solid and dependable healthcare for generations? What if you are from rural Georgia, or rural Tanzania? As mHealth technology becomes so much more affordable, it will be deployed on a much broader level, reaching all sorts of social classes, more than ever before. That doesn’t mean poor kids in Tanzania are going to be outfitted with sensors like the ones in Greenwich, but as the technology grows, and especially as the telehealth services reach rural areas, children that were never really properly cared for before now have a fighting chance.
Nuanced in this whole discussion about mHealth are the implications on our kids. If we were to think of our kids as machines in a factory then they would be the most important capital assets of our household. The sensor wiring deployed via mHealth allows us to do predictive maintenance on those assets (our kids) so they can perform better and be maintained with higher quality. Bottom line: the care that mHealth can offer our kids allows them to be healthier, but also allows us as parents to have much greater confidence in our kids’ abilities to play hockey, bike, go to school, etc. Said differently, kids can basically “remain in operation,” or be pulled out of operation for that matter, based on reliable, empirical data. You may even know how hard your kids can hit in hockey, how fast they can run and how to push their limits in ways that allow them to develop better than you — or your parents before you — ever could.
In time, the level of integration in the ecosystem around us will take mHealth to even higher levels. For instance, the very manual process of testing people for early signs of illness today relies on analysis of blood, urine or fecal matter sent to a lab. But those same specimens run through your house virtually every day, and they can help you identify potential health issues much earlier. In fact, when mapped against your DNA signature and the granular signature of how you are living your life through a variety of vital signs, mHealth has the potential to be so much more powerful than what it is today.
That day will be here before you know it. There are elements of it now, and they are increasing at a blinding rate, with sophistication beyond what most of us can imagine. But the kids who are yet to be born into today’s world won’t be fazed at all by this progression. They will expect it as a way of life. And with that will come the “knowledge” as to the boundaries they can push, the situations they can embrace within the confines of good health and the potential world their kids will subsequently live in. It makes my head explode thinking about it all — in a good way.
Connected devices are everywhere, and the data being generated by these devices continues to transform healthcare, manufacturing, consumer products and many other industries. But this is just the beginning. By 2020, it is expected that 20.8 billion connected things will be in use worldwide. And with a large percentage of IoT decision makers already experimenting with internet of things solutions — or planning to do so within the next 12 months — finding a strategy that works for your business will be crucial to future success. Finding the right IoT strategy can result in increased revenue streams, product optimization, better customer relationships and more. In my experience, the following steps are crucial to IoT success:
1. Think big, but start small
When a company first starts thinking about IoT, it can be overwhelming. There are so many ways that IoT can be leveraged that finding the right place to start can be like finding a needle in a haystack. So I suggest that businesses first take a look through its existing offerings to identify a natural use case, then start working towards it. For example, Under Armour’s CEO Kevin Plank was quoted saying that the future of IoT will not be mobile wearable devices, but instead, apparel that can read biometrics. Plank recognized a huge opportunity for the company to use its existing infrastructure — that of a well-known fitness apparel manufacturer — to create new products that also offer a new service to its customers, one that can help them reach their fitness goals. Leveraging this use case, the company has begun taking steps toward making connected fitness a reality across the globe. The company now controls the world’s largest digital health and fitness community and has the infrastructure in place to help consumers succeed in meeting their fitness goals.
2. Always have a revenue goal in mind
Companies must also remember to think about where the revenue will come from once an IoT strategy is in place. IoT does take some investment, and executives will want to think about what they want to achieve in terms of product development and revenue goals prior to getting started. Thinking ahead will ensure that the time and effort that is spent developing an IoT implementation will pay off over the long term.
3. Keep customers in mind
IoT implementations have the potential to transform a business, but it’s the customer experience that will be the most impacted. Make sure to keep customers in mind when developing an IoT strategy. It will be crucial to have a clear value proposition that resonates with customers and also aligns with the company’s existing offerings, whether products, services, or both. Circling back to the Under Armour example, it is clear that the company ultimately kept its customers in mind when building a new service that put their fitness goals first. Executives made sure that a main focus of its IoT innovation was to build rich and rewarding fitness communities — sales growth and customer engagement were the benefits, rather than the driver, of the initiative.
4. Don’t wait for other businesses to capture revenue that could be yours
IoT implementations are happening, so it is time to jump on board. Like the internet before it, businesses cannot ignore IoT innovation without the risk of being left behind. This year alone, a large percentage of businesses have started to implement their own IoT strategies. Companies are recognizing that IoT has the potential to redefine their existing business models and open up new forms of revenue and customer growth. In order for businesses to keep up, they must recognize that IoT is here to stay.
How are you driving IoT innovation at your company?