Internet of Things

Wary that the Internet of Things (IoT) could be used to introduce unwanted and unchecked security risks into government networks, senators last year created a piece of legislation that placed minimum security standards around IoT devices sold to and purchased by government agencies.  The IoT Cybersecurity Improvement Act of 2017 specifically cites the need for regulation of “federal procurement of connected devices,” including edge computing devices, which are part of the IoT ecosystem.

The days of the United States’ stature as a force without equal appear to be over. The threat of near-peer competition with increasingly sophisticated adversaries is growing. As Secretary of Defense James Mattis says in the National Defense Strategy, "America has no preordained right to victory on the battlefield."

The Department of Homeland Security (DHS) Science & Technology Directorate (S&T) is announcing today that Ionic Security Inc., based in Atlanta, is the first company to successfully complete prototype testing and move to the pilot deployment phase as part of the Silicon Valley Innovation Program (SVIP).

The U.S. Army Research Laboratory (ARL) has awarded a $25 million contract to a group that includes SRI International and several universities. They will work to develop and secure the Internet of Battlefield Things (IoBT), as part of the IoBT Research on Evolving Intelligent Goal-driven Networks (IoBT REIGN) program.

With the Internet of Things promising—or perhaps threatening—to connect many more millions of devices, experts from industry, government and the military are urging action.

The critical infrastructure covers a lot of territory, including banking and finance, gas and oil, health care, agriculture, water distribution, transportation, communication, law enforcement and emergency services. Many outdated and poorly secured computers, experts say, operate a great deal of that infrastructure. Additionally, commercial or private entities own the vast majority of the infrastructure, meaning that government has little authority to protect it.

The increasing nature of computing capabilities, the number of technologies that are interconnected to the cyber world, the amount of data generated, and the speed at which data is reported are all reshaping everyday life. To harness this new dynamic, the commercial computer industry has already switched to a more agile way of developing software. More and more, the military is moving to advance the development of cyber-based infrastructure under this changing environment.

How many software engineers does it take to screw in a light bulb? None. It’s a hardware problem. That joke, though, soon might be on its way to becoming wrong with the speed of technology, joked Lt. Gen. Alan Lynn, USA, director of the Defense Information Systems Agency (DISA) and commander of the Joint Force Headquarters–Department of Defense Information Networks (DODIN).

Though the U.S. Defense Department has spent much time and money to protect high-value network assets such as emails from cyber intruders, the systems remain vulnerable to attacks. So imagine the weaknesses to systems that haven’t garnered as much defense attention or reinforcements, a senior official said.

“We have spent a lot of time—and have been very successful at—protecting our email information,” said Daryl Haegley, program manager for Business Enterprise Integration (BEI) in the Office of the Assistant Secretary of Defense for Energy, Installations and Environment. “But what about the control systems, manufacturing systems, facilities networks, medical devices? What we’re finding is ‘not so much.’ 

While we are all still in the early stages of a networked, always-on Internet of Things world, this is the precise time to develop crucial and effective cybersecurity solutions to combat growing threats. The developing ecosystem needs new ideas for bold government actions, particularly to reduce the risks of quantum computers.

Quantum Threats Looming