In an Exploding World of Connectivity, Simplicity is the Strategy of Choice for CISOs, CTOs and CIOs

The Covid-19 pandemic represents a historic inflection point that is likely to forever alter the strategies of CISOs, CTOs and CIOs.

Cisco reported that 95% of organizations allow personal devices in some way in the workplace.

The role of context is important here. The unrelenting trend of BYOD in the workplace has meant more insecure devices and greater vulnerability for companies. As remote work prevails, how do we reduce the risk of losing customer trust, productivity and even bottom line dollars?

Protecting data, networks and devices in the exploding world of connectivity and the Internet of Things is a formidable challenge for technology leaders. It is a moving target that Cybersecurity Ventures predicts will cost $10.5 trillion in 2025 in cybercrime, triple the figure for 2015.

In today’s world, nothing is secure. Many of the CISOs, CTOs and CIOs I speak with are struggling to find a trusted security framework before launching digital transformation initiatives. This is more than just a handful of enterprise companies; this impacts most of us. According to Stage-Gate International, “70%+ of US based companies plan to introduce a new digital technology platform, digitize their products (i.e. physical, software, and hybrid) or digitize their innovation management processes.”

One approach to ensuring security confidence is to have a standardized certification for devices, a guided IoT security framework. We are all familiar with certifications in areas outside technology. The International Organization for Standardization (ISO) was founded in 1947. President Richard Nixon signed the act for the Occupational Safety and Health Administration (OSHA) four days after Christmas in 1970.

Here’s the interesting fact about those certification frameworks: They appeared at times in history when industry needed them. We didn’t have 20 billion IoT devices in 1947 like we do now (instead we saw the debut of the Williams-Kilburn tube which stored bits as dots on a screen’s surface). IoT devices, according to Gartner, extend far beyond smartphones and PCs. The “things” in IoT include “dedicated-function objects, such as vending machines, jet engines, connected cars and a myriad of other examples.” Steve Jobs introduced the iPhone in 2007, a little more than a decade ago. In a very short timeframe, technology has given way to an urgent need for standards.

One organization driving the concept of certification is PSA Certified, a comprehensive IoT security framework and assurance scheme for securing digital transformation across industries. 

PSA Certified independently tests chips, software and the new wave of IoT products (connected cameras, thermostats, sensors, gateways, etc.) using a set of resources which have been developed by well known “founding members” like Brightsight, an independent security lab; safety and security leader UL; and Arm, which makes processors used by more than 70% of the population. Security is a global challenge, and PSA Certified takes into account major industry standards and government regulation from around the world.

I believe this high level of collaboration is one of the most powerful ways our society will meet the challenges ahead. As these reputable companies join forces, they share intelligence and diversity of thought for greater innovation. As a technology leader, fewer suppliers and touch points means better visibility into threats and cybercrime prevention. Rather than holding a federation of companies responsible for security, a single source is easier to manage.

On the flip side of users are the makers. For product manufacturers, having a common set of requirements means faster go-to-market, more confidence, stronger brand integrity and lower total cost of ownership. The point of entry for cyber criminals is escalating. According to the 2020 Unit 42 IoT Threat Report, “devices are only used as stepping stones in lateral movement to attack other systems on a network.”

Certifying devices is a must-have step for any IoT product. Having a single place simplifies the path. In fact, the concept of simplicity may be one of the most powerful strategies of choice for technology leaders as the world of connectivity becomes more complex and data exponentially multiplies.

My core belief is that growth in business and growth as individuals can be best found at the crossroad of technology and humanity. The technology we use must be secure. When companies safeguard their technology, they take fear and risk away. Then, and only then, do people have the freedom to use technology to achieve their best work.