IoT roundup: Carriers expand NB-IoT, Congress eyes IoT security …

A powerful IoT networking technology used by the major carriers continues to gain ground, Congress makes noise about training and a prominent researcher warns of security trouble ahead.

nw iot news internet of things smart city smart home7
Getty Images

The major U.S. mobile carriers are eager participants in the rise of IoT, and it’s tough to argue that they don’t have a major role to play – the capability to connect largely anywhere, coupled with the capability to handle high-throughput applications, means that cellular data can be an attractive option for the connectivity piece of an IoT deployment.

AT&T announced a deal with Vodafone last week to interconnect their respective narrow-band IoT networks across the Atlantic, marrying AT&T’s U.S. coverage with Vodafone’s in western Europe. That means that businesses with NB-IoT deployments in those areas can use that single network to connect their entire implementation. Not to be outdone, Sprint announced at Mobile World Congress in Los Angeles last week that it, too, was rolling out NB-IoT on its Curiosity IoT platform.

NB-IoT’s a cornerstone of the carriers’ appeal to the IoT market – in brief, it’s a low-bandwidth network technology that operates on a small sliver of a carrier’s allocated wireless spectrum. It’s designed to handle large numbers of less data-intensive IoT endpoints over a wide area, so it’s likely to be available in most locations where you’d want to install an IoT system.

Rolling out more capable IoT-focused networking options will only deepen that appeal, now that each of the big four has an NB-IoT network in operation.

Congress and IoT security

Representative Ro Khanna (D-CA) introduced a bill last week that would require the Office of Management and Budget to train federal employees in cybersecurity and to talk specifically about the risks posed by IoT devices.

Khanna’s announcement of the bill cites a Congressional Research Service report on the risks of IoT, warning of less capable devices, not designed with security in mind, potentially incapable of receiving important security updates, and so on.

The Internet of Things Cybersecurity Training for Federal Employees Act is an important step in the right direction for the federal bureaucracy, which employs about two million people, not including the postal service and the armed forces. It’s hard to ignore the potential impact of IoT-based security breaches in the federal government, particularly where election security is involved.

Insecurie IoT devices: 'The asbestos of the future'

Well-known cybersecurity expert and F-Secure Chief Research Officer Mikko Hyppönen is probably one of the leading thinkers on digital threats in the world, and he’s certainly among the most quotable. Hyppönen has already coined an eponymous “Hyppönen’s Law” about IoT, which states that “if it’s smart, it’s vulnerable.” Fair enough.

In an interview with analysis and consultancy firm GlobalData, Hyppönen compared the proliferation of insecure IoT devices to “the asbestos of the future.”

“What’s happening right now, around us, I guess would be characterized as IT asbestos,” he said. “Such a great innovation, which then decades later turned out to be the worst innovation.”

Now, to be clear, Hyppönen seems to have mostly been talking about consumer IoT – the connected toaster ovens and washing machines of the world. But his point about the mass proliferation of IoT devices is still relevant to the enterprise, and underlines the scale of the work required to secure everything.