Phone’ll Jingle, Door’ll Knock: US Rep & EPIcenter Keynote, Will Hurd, Weighs In on Imminent IoT Security Risks & Best Practices

By: Consuelo Azuaje

Punctuated by sips of coffee and firm handshakes, conversation stirred amongst attendees at San Antonio, TX’s very first IoT Summit which was held at the city’s historic Pearl complex. The event was organized by EPIcenter, a recently-founded non-profit that aspires to become a smart energy hub and innovation center. EPIcenter’s CEO, Kimberly Britton, and board intend for the center to positively impact local residents and the global community by contributing to the development of cleaner, smarter energy. The crowd found their seats and settled in as Britton took the stage and explained how IoT had contributed to EPIcenter’s creation and had shaped its mission. She was preaching to the choir, and the choir hummed back with energy.

Then keynote speaker and US representative for Texas’s 23rd congressional district, Will Hurd, took the stage. “What is IoT and why should it matter?” he asked. It’s a question that keynote speaker Congressman Will Hurd addressed before delving into his core concerns. Hurd cited a recent IEEE study that predicted the global number of connected devices would rise to 17B by 2020. The air is buzzing with noise of connected devices, and a Metcalfe’s Law-informed perspective would look at that kind of surge and equate it with greater utility. Hurd countered, however, that connected devices represent more than the utility they offer; they are also opportunities for exploitation. Vulnerabilities. Like gaps in telco-network security, they make both providers and clients vulnerable to cyber-attack.

How do cyber attacks happen to good networks? Cybersecurity is a messy challenge. An arms race that precludes magic bullets and will force cybersecurity professionals to constantly up their game. Still, even the best cyber security systems and practices can fall prey to attack. The goal isn’t to reach perfection—an impossibility—but to pragmatically and constantly approach it. Doing so minimizes attack efficacy and better safeguards providers and clients alike from attacks which could affect them both physically as well as materially.

The first step to developing a strong defense is to understand the nature of the attack. Cyber attacks are one step in a negative feedback loop. No cybersecurity system is foolproof but cyber attack success rate can be stemmed by good practices. When bad practices lead to disaster, government officials panic and step in to do the only thing they know how to do—legislate. Over-legislation stunts innovation and growth. It’s not uncommon for technology, often ripe on the vine, to become obsolete before it can reach the market due to over-legislation. Which leads to suboptimal cybersecurity systems stunted from their true potential which leads to greater vulnerability which leads to more legislation. Tech, stunted of its true potential, leads to sub-optimal systems that are more susceptible attack and likely to supply lawmakers with reasons for creating even more legislation.

So what’s to be done? How can we break the cycle? By establishing good cybersecurity practices.

In their rush to forge ahead, the previous generation that created the Internet neglected to invest as much in security and we’re feeling the backlash today. For one, companies need to stop backing default passwords into their devices. Second, encrypt everything. Even the simplest devices should be encrypted. Third, plan for regular software updates.

By providing an open work space to tech innovators and energy experts, EPIcenter will facilitate collaborative problem-solving, cultivate the creation of new technology, and ease the necessary paradigm-shift towards greater IoT acceptance. EPIcenter will offer innovators a space to experiment with and test new technology—a crucial component in the process of invention, not only for weeding out ideas but for forming new ones.