The World Economic Forum and the Council on the Connected World published the State of the Connected World 2023 report exploring governance gaps related to the internet of things (IoT). The report outlines the findings of a survey conducted with 271 experts worldwide to understand the state of IoT affairs. The COVID-19 pandemic has increased IoT demand in health, manufacturing, and consumer IoT. However, there is a lack of confidence when it comes to matters such as privacy and security.
Two main governance gaps are identified: (1) a lack of governmental regulation and implementation of industry standards and (2) IoT users are more susceptible to cyber threats and cyberattacks.
One recommendation is for businesses and governments to develop and implement practices to improve privacy and security and create a more inclusive and accessible IoT ecosystem. The need to improve equal access to technology and its benefits is also underscored.
The third edition of Cyber Signals, a yearly report which highlights security trends and insights from Microsoft’s 8,500 security experts and 43 trillion daily security signals, was recently launched. In this edition, experts present new information on broader threats to critical infrastructure posed by converging information technologies, the Internet of Things (IoT), and operational technology (OT) systems.
Some of the report’s highlights include:
- Unpatched, high-security vulnerabilities identified in 75% of the most common industrial controllers in customer OT networks.
- Over one million connected devices publicly visible on the internet running Boa, an outdated and unsupported software widely used in IoT devices and software development kits.
- An 78% increase in disclosures of high-severity vulnerabilities from 2020 to 2022 in industrial control equipment produced by popular vendors.
The US National Institute of Standards and Technology (NIST) and its National Cybersecurity Center of Excellence (NCCoE) published a draft practice guide for trusted internet of things (IoT) onboarding and lifecycle management. This guide demonstrates how organisations can protect their IoT devices and networks. It details standards, practices, and technology to demonstrate mechanisms for trusted network-layer onboarding of IoT devices. The guide also shows how to provide network credentials to IoT devices in a trusted manner and maintain a secure posture throughout the device lifecycle.
The National Telecommunications Regulatory Authority of Egypt (NTRA), together with the Information Technology Industry Development Agency (ITIDA), held Egypt’s first forum for internet of things (IoT) services. The forum aims to promote and disseminate IoT services within Egypt’s market, particularly across national projects. Representatives of 36 public and private entities, technology manufacturers, and operators participated in the forum. The forum approved two main agendas. The first agenda concerns securing data, establishing regulatory and legislative frameworks, and raising awareness. The second agenda relates to using IoT services in public utilities such as health, education, environment, transportation, tourism, energy, industry, agriculture, irrigation, and smart cities sectors.