Cisco challenges community to secure Internet of Things

Cisco security chief Chris Young

Cisco security chief Chris Young

If the Internet of Things (IoT) is to stay on its heady adoption curve, the M2M systems at its heart will need to be not just cheap and reliable, but also markedly more secure than they are today. Cisco Systems Inc., a vendor with a vested interest in keeping the IoT party going is putting up some cash and laying down the challenge to address that latter obstacle.

In an effort to engage the community on the matter of securing the exploding numbers of IP-enabled devices being connected daily in everything from ranging from home appliances to health care devices to industrial equipment, Cisco is launching the Internet of Things Security Grand Challenge, a chance for the global security community to propose practical security solutions across all of the markets being impacted IoT.

Cisco is putting up $300,000 in prize money for awards of $50,000 to $75,000 for up to six recipients. Cisco’s team of security experts will evaluate proposals based on feasibility, scalability, performance, and ease-of-use as well as its technical maturity and its ability to span multiple vertical industries like manufacturing, transportation, health care, oil and gas exploration, smart power grids, and others.

“In the health care sector, it’s easy to imagine how Internet-connected devices and systems are revolutionizing patient care,” said Chris Young, senior vice president of Cisco’s Security Group. “In the transportation sector, technologists are already connecting vehicles and their subsystems to the Internet. It is also, unfortunately, too easy to imagine how these world-changing developments could go terribly wrong when attacked or corrupted by bad actors.

“With the IoT as a significant part of the larger Internet of Everything [Cisco’s term for the space] market transition that brings together connected devices with people, processes, and data, it’s even more imperative that we ensure the things we connect are secure,” said Young. “The Internet of Things Security Grand Challenge offers visionaries, innovators, and implementers the opportunity to define a future of a secure IoT.

Cisco has set up a Web page for the IoT Security Grand Challenge where interested parties can keep tabs on the progress of the contest and prepare their own submissions before the deadline on June 17, 2014. Winning solutions will be announced and showcased at Cisco’s Internet of Things World Forum in Barcelona in late October.

The security challenge addresses a top-of-mind problem for potential users and interested partners nibbling around the edges of the vast IoT opportunity.

Internet-connected machines are expected to number some 200 billion by 2020, according to IDC Corp. At that rate, automated machine-to-machine (M2M) transactions will vastly outnumber traditional human-to-computer transactions. Cisco itself claims the market for these hyper-connected devices will top $19 trillion in the next eight years. But those figures could be at risk if security gets short shrift and the devices become unpatched, unmonitored badlands for hackers and cybercriminals.

A recent survey by SSH Communications Security and Forrester Consulting found that the rise of M2M connections in data centers across most industries has far outstripped the ability of organizations to secure them. The resulting misalignment of security and compliance priorities is placing these organizations at risk, the survey found.

“Misunderstanding how best to secure M2M transactions — and whose responsibility it is to do so — has placed organizations under significant risk of data breach,” said Tatu Ylonen, CEO of Helsinki-based SHH Communications Security and the inventor of the eponymous protocol that has become the de facto standard for data-in-transit security. “As organizations across all sectors embrace the concept of the Internet of Things, enabling more objects and sensors to communicate to support new business models the need to automate M2M connections is increasingly critical.”

According to the SSH and Forrester findings, M2M processes are now in use to some degree in just about every business organization and 62 percent of those polled say they plan to increase M2M use over the next year. Half are using M2M for logistics management and customer service and fully half of the financial institutions polled say they use M2M connections for billing. But while 68 percent say IT data security is a critical priority, only 25 percent feel the same way about  M2M systems, even those tasked with carrying high-value payloads.

These are issues that will need to be sorted out soon if IoT is ever to realize its potential. They are also issue where the channel might gain a foothold in this emerging space and take advantage of the opportunities within.

This article originally appeared on