TOP | 2015 | Weekly Column | Cybersecurity in the IoT Era: The roles and responsibilities for the future

Cybersecurity in the IoT Era: The roles and responsibilities for the future
Faculty of Environment and Information Studies, Keio University
Prof. Jun Murai
Now the IoT (Internet of Things) era has come, and every service all over the world is about to be thoroughly reshaped, far beyond the boundary of existing IT industries. Tremendous progress is about to be made based on the applying data to problems in every area, not only in business and government area but also in education, agriculture, medical care, health, tourism, and entertainment, all of which have only indirect relationships with IT and the Internet up to the present. Moreover, new horizons have been opening, where each area merges together and new services are born in the totally new area through shared common wisdom and knowledge generated from the data.
In the Internet world, new value has been produced since Internet-enabled computers are all connected to each other, allowing computer users to work or to communicate whenever it is necessary. This connectivity is a huge contribution of Internet technology, allowing us to share and exchange digitized data freely. The world of IoT is a world where not only computers but also new devices such as smartphones, automobiles, electric appliances, various electric instruments, sensors, and electric meters directly connect to the Internet, so that we can utilize and share the data generated from them.

Let’s consider three types of new service developments with IoT.
At first, new services have been starting to develop, and they are taking advantage of the IoT data characteristics. Until now, we have only had character strings or linguistic data, but IoT brings us numerical data about the world. E-mail, webpage and SNS have composed much of the Internet history. Search engines and e-marketing have been developed as they have been utilized by these items, but they are only handling string data. They have been developed by using natural language processing technology based on syntax analysis. In contrast, sensors and devices produce complex variety of data which consists of only numerical value such as geographical position and temperature, etc. We can expect the development of revolutionary new services by combining and using these data. IoT is changing the rules of innovation game, which until now have been created only in the Anglosphere.
Secondly, the services in areas which have not actively utilized the Internet so far, can enjoy great benefits by using non-string data. For example, if soil fertility can be measured by a sensor on a farming machine and the measured data can be utilized in the IoT environment, the agricultural efficiency can be greatly improved. By measuring the flow of people and the environment accurately in cities or tourist spots, high quality services can be produced in fields such as business, administration, everyday life and disaster prevention. Furthermore, the perspective for cross-sectoral data usage will be clearer. Moreover, by using the data, the person in charge of the operation of each service can establish a clear development plan describing its objectives, laying out by whom, for whom and what kind of value it should produce.

Thus, management of organizations has a new opportunity to exceed the original roles of their organizations by utilizing data and IT in the IoT environment. We can realize true IT adoption, with which top management sets the usage of IT and data as a core organizational responsibility. This will be different from conventional IT adoption, in which the people entrust IT specialists or rely on outsourcers regarding IT issues.

Now, let’s consider the impact on cybersecurity in the IoT era. Under the IoT environment in which the data plays the leading role, it becomes much more important to clarify both the discrimination of the data by its meaning and name, and the access authorization, movement, archival, and responsibility of management for the identified data. As the number and the size of the data we handle increase, the measure of efficient standardization and communication of the data and resources for using the data will be required. The systems should be also transformed so that they can improve the effectiveness of the data usage and data security at the same time. Using cloud systems is one effective option.
The efficient use of data goes beyond the categories of current practice and often produces new power, free from the existing boundaries of the business itself. In order to realize data utilization beyond such boundaries, it is necessary to promote data format standardization; to define a security architecture that can clarify how to identify data, who can access it and how it can be accessed; and to communicate these standards and concepts internationally. The development of a cybersecurity-focused environment is a key factor not only for protecting important data, but also for developing sound businesses and services utilizing that data. Thus, it becomes an important strategy to involve the concepts of a cybersecurity environment, especially a data security environment, in the organizational management system, in order to realize safety as well as quality improvement of the services, and enhancement of the organization in the IoT era.

This is a new challenge initiated by the ability of IoT to enhance existing services, and to develop new services utilizing data.
I often feel that there is a shift in the expectation for new development with IoT from western countries to Asian countries, much as I have felt this over the thirty-year history of the Internet in Asia. The Asian region has a responsibility to develop the next generation services utilizing new sensors, devices, and to appropriately manage the data generated from them. Safe, secure and high quality services will be spreading on the Internet. Our opportunity, and our challenge, for realizing the potential for tremendous future progress based on high level cybersecurity has just started.