Last September, IBM released its most recent Cost of a Data Breach Report. According to the study, companies took around nine months to identify security breaches involving stolen or compromised credentials.
More specifically, industrial organisations spent 199 days on average to identify and 73 days to contain attacks.
These attacks have become scarily common. Amazon detects around 1 billion cyber threats a day, an increase of hundreds of millions compared to 2023 due to AI adoption.
“Depending on the business and the exact scenario, that could potentially be quite catastrophic for that business or for a patient if it’s in a healthcare context. Not being able to detect, never mind react and start to fix it for more than seven months, is pretty shocking in my mind,” observed Iain Davidson, Senior Product Marketing Manager at Wireless Logic.
In an interview with TelcoForge during MWC 25, Davidson shared concerns and the solutions the IoT industry has found to counter potential attacks.
Thankfully, there are some helpful approaches out there. “We’ve been quite successful recently with something we call anomaly and threat detection,” Davidson said.
According to him, this solution monitors device-to-server communications, looking for unusual patterns.
For example, devices may suffer a device takeover and be used as an IoT bot to launch a denial of service attack against the home server. It may be downloading malware or a backdoor that’s been used. Without inspecting code, he can help OEMs or enterprises identify if there is a backdoor in the device that they’re designing or buying and using.
“I think enterprises and OEMs are increasingly up to speed with this thinking that you’ve got to design connectivity at the start of your project. You’ve got to think about security and how you’re going to design it into the device,” he added.
The Three Pillars
Approaches such as SIM-based authentication are positive, especially for the IoT sector, in which global operations are usual. However, the expert advocates for more—more at the SIM level, the device level, and device management.
One option would be the ability to update firmware or reconfigure a device that is underperforming or experiencing a cyberattack.
Another solution is standards. GSMA’s IoT Safe, for example, allows an additional applet that runs on the SIM and provides additional storage to store a PKI certificate. Davidson explains that this option provisions all in the same way that SIM cards do.
“There’s only a handful of companies in the world that are qualified to do this – the same companies that are delivering that type of capability into banking and payments. The PKI stuff is IT networking, it’s HTTPS type. It’s an approach that brings that same capability into the IoT world.”
However, Davidson and Wireless Logic work under three pillars to decrease risks: defend, detect, and react.
The defend part is largely about SIM-based authentication, IoT Safe, usernames and passwords, and private Access Point Names (APNs). However, his message for the market is to be prepared for a breach to happen because attacks get more and more creative and innovative. So they have to be prepared. And that means monitoring and detecting in real time.
Finally, you react and fix the problem. The sooner, the better: The IBM report shows that identifying a breach under 200 days can save up to $ 1.3 million in costs for companies.
The Future is Security First
Governments and associations have several standards in place to try to keep up with security threats.
In the European Union, for example, Davidson mentioned the Cyber Resilience Act, which cites ETSI’s Cyber Security for Consumer IoT Baseline Requirements. In the United States, you will find NIST and its Cybersecurity Framework.
While they are an important aspect of IoT, one issue is that standards can get quite abstract. That’s why Davidson advocates for a shift. “You’ve got to design security at the beginning. It’s a key change now, and I think legislation helps drive that mindset.”
“I think there’s still some way to go, but we see evidence of customers now having done many proofs-of-concept, and they might even have quite mature deployments out there,” he concluded.
