Click here to close now.

Welcome!

@ThingsExpo Authors: Liz McMillan, Elizabeth White, SmartBear Blog, Dan Ristic, Pat Romanski

Related Topics: IoT Expo, Java, HP, Cloud Expo, Security, Big Data Journal, @ThingsExpo

IoT Expo: Article

The Nature of the Internet of Things

In the Boardroom with... George Romas, Technical Dir., Cybersecurity Solutions Group, HP Enterprise Services, US Public Sector

Mr. George Romas is the Technical Director of the Cybersecurity Solutions Group at HP Enterprise Services, U.S. Public Sector.

SecuritySolutionsWatch.com: Thank you for joining us again today, George. It's been roughly one year since our first meeting when we spoke about building security in, continuous monitoring, and the process that HP undertakes to develop and deliver the right cybersecurity solutions to HP customers. But, one year feels like a decade in the IT space - so much has happened. Today we'd like to discuss with you the topic of IoT (the Internet of Things). We read with great interest your recent blog on this subject. If you don't mind, can you please share with us your primer on IoT?

George Romas: IoT is something that we discuss on a regular basis at HP and I am appreciative of the opportunity to share my ideas on the topic with you. As you know, today we live in a world where just about everything is connected. While the Internet connects computers, in concept, the IoT connects everything else. Solutions in this space are appearing rapidly within the consumer space, while interesting industrial applications are also being deployed (please see my above blog link for examples.) You can think of IoT as a network of connected processors and sensors, and the type of sensors are only limited by your imagination. Today, the consumer space is seeing an expansion in the sensor environment (weather, home, traffic, safety), fitness (health, exercise), and multimedia (streaming to multiple devices, remote control). Yet as embedded processors and sensors become smaller (think "nano-sized"), we will be able to monitor and manage nearly anything. This will impact a wide range of industries and markets, from more efficient utilization of IT infrastructure to transportation systems, to automation of daily personal tasks.

SecuritySolutionsWatch.com: The upside and benefits of IoT are clear... things get done "for us" not necessarily "by us." Today's smart home is perhaps a good example here - as homeowners can control their HVAC and security systems from anywhere, at any time. Forgot to lower the heat when you left for vacation? Did you set the alarm... lock the door? No problem - just do it when you land in Hong Kong - or on the way there - or even your house can be programmed to do it automatically upon detecting your absence. And the convenience of being able to pay a bill, send a gift, check a stock price, find out who won the game, make a dinner reservation, respond to that customer - all in a matter of seconds with our mobile devices - makes us more efficient. But, we all know there are bad guys out there. Are we now also more vulnerable? Does IoT also mean an Internet of greater risk (IoGR)? Should I worry that my iPhone is a target? What are your thoughts?

George Romas: I'd like to start the conversation by talking about extremes. Let's take security out of the equation and assume that everything is connected and life is easy. Just as you outline, we can automate many of our daily tasks, both personal and business. In this scenario, we have processors and sensors everywhere that know your location, behavior, preferences, schedule, tasks, goals, hobbies, etc. This aligns with the typical science fiction depiction of the future: your house wakes you up, adjusts lighting and temperature, breakfast is ready, and clothes are picked out according to your activities that day. Your self-driving car has reviewed current traffic patterns and whisks you off to work while you answer emails and catch up on the news. Your day is already scheduled for you and meetings, phone calls and tasks occur without you having to think about or plan them. The rest of the day proceeds similarly, with everything planned and scheduled by the algorithms and machines around us.

Now, to answer your question - yes, you should worry! All the components of this scenario and the interactions between them are vulnerable to manipulation and disruption. Without security in the equation, that utopian day can quickly devolve into chaos and danger. Each benefit I described also introduces vulnerabilities because by connecting open networks to physical objects and personal information, you're opening yourself to a variety of threats and attacks.

SecuritySolutionsWatch.com: Your colleague at HP, Sridhar Solur, Director, Next-Gen Computing and Cloud Services, presented some eye-opening statistics in his recent IoT presentation - one example being that by 2025 more than one trillion devices will be connected to the Internet. With all these mobile devices coming into the workplace with access to the network, what is your perspective on "best practices" that should be followed by a government agency, a bank, a hospital, an oil and gas company, the transportation entity, or other enterprises that employ owners of those devices?

George Romas: As I previously mentioned, security is of the utmost importance when it comes to more and more devices being connected to the Internet, especially as employees bring them to the workplace. One trillion devices globally translate into trillions of attack surfaces. Conversely, having "too much" security doesn't work either, as the nature of IoT requires real-time response. If devices and communications are locked down, and each transaction has to be authenticated, the system would become unusable due to performance and timing issues. Instead, I recommend leveraging the security frameworks that are well known - for example, privacy, data or HIPAA protections - and building the capabilities needed to implement those frameworks into IoT protocols; combining it with approaches to design security in. While some of these capabilities don't exist yet, as I outlined in my blog, there are initiatives to provide both better interoperability and better security for the IoT. More information about these initiatives can be found on my HP blog post, "The Internet of (Secure) Things - Embedding Security in the IoT." We have to walk the fine line between the benefits that come with IoT and the complexity of securing the IoT ecosystem - from human identities to critical infrastructure.

SecuritySolutionsWatch.com: Can we discuss data analytics for a moment? With sensors everywhere that monitor our behavior, our health, as well as the performance of the machines we depend on in our personal and business lives, IoT delivers powerful information that can be monetized. Do you envision certain industries being transformed and other new industries being created as a result of IoT?

George Romas: In transforming industries and our lives, the benefits of IoT are as obvious as its potential abuses. For instance, think of the possible health and medical advances that could be realized by tracking the details of individual diet, exercise and behaviors across an entire population. We don't think twice about allowing our shopping preferences to be tracked so that we can enjoy discounts and targeted coupons. Why wouldn't we do the same if it meant better health and longer life? Instead of just tracking you, IoT devices could modify your life, for a fee, to continuously monitor and optimize the changes in your health; for instance, your refrigerator could substitute items on your shopping list or in your recipes (e.g., substituting Truvia for sugar, or egg whites for whole eggs). Your daily schedule could be modified to include more exercise. Devices could continuously monitor and optimize the changes in your health. Yet, however, if the appropriate security controls are not implemented, the possibility of abuse can be equally envisioned. This same private data could instead be used to target ads and promotions to every individual, monetizing every behavior and preference, or in an extreme case, substituting a deadly allergen or poison as a new form of attack. Instead of optimization, the goal could become consumption, or even a bizarre deadly health hazard.

Thinking about the availability of massive amounts of data that will be collected, I can imagine many novel uses for that information. Integrate streaming video from drones with transportation schedules, weather data, traffic cams/statistics (air, rail and road), and more, to automatically find the optimal route and mode of transportation to-and-from anywhere to anywhere. Provide dates, destination and "family vacation" details to a travel system and your experience can be enhanced as the system could make all of your reservations (at the cheapest rates) for you.

In addition, IoT will create completely new industries that form around smart devices. We already see the beginnings of that today, where smoke detectors, thermostats, audio/video equipment, watches, smart phones, vehicles and more are becoming sensor-rich and network-enabled. Everyday devices in your home or office will collaborate to form new capabilities.

An example of this scenario can be demonstrated through home security. Using IoT, your home would know that your house is vacant by polling the motion detectors embedded in its Nest Protect smoke detectors and thermostat, and correlating that information with the family schedule (work and school). When the back door opens without the proper key code or ping from an authenticated smartphone and motion is detected, your home sounds a piercing alarm over the whole-house audio speaker system. In turn, it also sends an alert with streaming video to the police, sends warning texts to all family members, and disrupts other communications from within the house.

In the workplace, the information gathered from IoT can be leveraged in a number of ways. It identifies and authenticates you to physical and cyber systems, alerting on anomalous behaviors and providing single sign-on access to the resources required for your job/role. Your workplace can utilize this information to better plan and operate IT resources. In addition, a virtual CIO/CISO can continually and minutely monitor performance and security of corporate systems. This information also feeds into business processes, optimizing all the components needed to reach corporate goals.

SecuritySolutionsWatch.com: While we're on the subject of front-page news, more security inevitably means more cost and less convenience to users. Are we going to have to bite the bullet and make these adjustments?

George Romas: Yes, but we have the opportunity to do this the correct way. As Sridhar noted, IoT devices will be ubiquitous. Investing more today in developing the proper protections and protocols must be done. These protections will speed adoption, and economies of scale will more than pay for today's investment. Just do a Web search for "IoT" and you'll see a large number of companies and open source initiatives working in this market. We have to work towards a common, secure framework to provide these solutions with a resilient, assured environment to operate in.

SecuritySolutionsWatch.com: Thank you again for joining us today. Are there any other subjects you'd like to talk about?

George Romas: In some ways, I consider myself a futurist, in the same way that science fiction authors can sometimes accurately predict future technologies and solutions. When I think of what IoT may look like in 2025, with possibly one trillion devices (a global network of sensors), I can't help but think of Isaac Asimov's Foundation series of science fiction novels. He created the science of psychohistory - by combining the studies of history, sociology and statistics against large populations, you could accurately predict the flow of future events. Imagine that unprecedented collection of current and past human behavior on a global scale.

HP is prepared for this explosion of data with scalable big data management and analytics platforms like HAVEn and Autonomy - designed to help enterprises leverage all your relevant Big Data, to make more informed decisions. However, for the time being, my parting thought is to ask, is it too far of a leap to believe that we could create algorithms that could predict future human behavior and consequent events? Just something to ponder....

This interview originally appeared in SecuritySolutionsWatch.com. Republished with permission.

More Stories By Elizabeth White

News Desk compiles and publishes breaking news stories, press releases and latest news articles as they happen.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
Sonus Networks introduced the Sonus WebRTC Services Solution, a virtualized Web Real-Time Communications (WebRTC) offer, purpose-built for the Cloud. The WebRTC Services Solution provides signaling from WebRTC-to-WebRTC applications and interworking from WebRTC-to-Session Initiation Protocol (SIP), delivering advanced real-time communications capabilities on mobile applications and on websites, which are accessible via a browser.
SYS-CON Events announced today that B2Cloud, a provider of enterprise resource planning software, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. B2cloud develops the software you need. They have the ideal tools to help you work with your clients. B2Cloud’s main solutions include AGIS – ERP, CLOHC, AGIS – Invoice, and IZUM
SYS-CON Events announced today that Tufin, the market-leading provider of Security Policy Orchestration Solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. As the market leader of Security Policy Orchestration, Tufin automates and accelerates network configuration changes while maintaining security and compliance. Tufin's award-winning Orchestration Suite™ gives IT organizations the power and agility to enforce security policy across complex, multi-vendor enterprise networks. With more than 1...
SYS-CON Events announced today that Cloudian, Inc., the leading provider of hybrid cloud storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Cloudian, Inc., is a Foster City, California - based software company specializing in cloud storage software. The main product is Cloudian, an Amazon S3-compliant cloud object storage platform, the bedrock of cloud computing systems, that enables cloud service providers and enterprises to build reliable, affordable and scalable cloud storage solu...
“With easy-to-use SDKs for Atmel’s platforms, IoT developers can now reap the benefits of realtime communication, and bypass the security pitfalls and configuration complexities that put IoT deployments at risk,” said Todd Greene, founder & CEO of PubNub. PubNub will team with Atmel at CES 2015 to launch full SDK support for Atmel’s MCU, MPU, and Wireless SoC platforms. Atmel developers now have access to PubNub’s secure Publish/Subscribe messaging with guaranteed ¼ second latencies across PubNub’s 14 global points-of-presence. PubNub delivers secure communication through firewalls, proxy ser...
SYS-CON Events announced today that Gridstore™, the leader in hyper-converged infrastructure purpose-built to optimize Microsoft workloads, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Gridstore™ is the leader in hyper-converged infrastructure purpose-built for Microsoft workloads and designed to accelerate applications in virtualized environments. Gridstore’s hyper-converged infrastructure is the industry’s first all flash version of HyperConverged Appliances that include both compute and storag...
SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada. Our partner network encompasses some 300 of the world's leading systems integrators and security s...
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch of Docker's initial release in March of 2013, interest was revved up several notches. Then late last...
So I guess we’ve officially entered a new era of lean and mean. I say this with the announcement of Ubuntu Snappy Core, “designed for lightweight cloud container hosts running Docker and for smart devices,” according to Canonical. “Snappy Ubuntu Core is the smallest Ubuntu available, designed for security and efficiency in devices or on the cloud.” This first version of Snappy Ubuntu Core features secure app containment and Docker 1.6 (1.5 in main release), is available on public clouds, and for ARM and x86 devices on several IoT boards. It’s a Trend! This announcement comes just as...
SYS-CON Events announced today the IoT Bootcamp – Jumpstart Your IoT Strategy, being held June 9–10, 2015, in conjunction with 16th Cloud Expo and Internet of @ThingsExpo at the Javits Center in New York City. This is your chance to jumpstart your IoT strategy. Combined with real-world scenarios and use cases, the IoT Bootcamp is not just based on presentations but includes hands-on demos and walkthroughs. We will introduce you to a variety of Do-It-Yourself IoT platforms including Arduino, Raspberry Pi, BeagleBone, Spark and Intel Edison. You will also get an overview of cloud technologies s...
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Health care systems across the globe are under enormous strain, as facilities reach capacity and costs continue to rise. M2M and the Internet of Things have the potential to transform the industry through connected health solutions that can make care more efficient while reducing costs. In fact, Vodafone's annual M2M Barometer Report forecasts M2M applications rising to 57 percent in health care and life sciences by 2016. Lively is one of Vodafone's health care partners, whose solutions enable older adults to live independent lives while staying connected to loved ones. M2M will continue to gr...
While not quite mainstream yet, WebRTC is starting to gain ground with Carriers, Enterprises and Independent Software Vendors (ISV’s) alike. WebRTC makes it easy for developers to add audio and video communications into their applications by using Web browsers as their platform. But like any market, every customer engagement has unique requirements, as well as constraints. And of course, one size does not fit all. In her session at WebRTC Summit, Dr. Natasha Tamaskar, Vice President, Head of Cloud and Mobile Strategy at GENBAND, will explore what is needed to take a real time communications ...
The best mobile applications are augmented by dedicated servers, the Internet and Cloud services. Mobile developers should focus on one thing: writing the next socially disruptive viral app. Thanks to the cloud, they can focus on the overall solution, not the underlying plumbing. From iOS to Android and Windows, developers can leverage cloud services to create a common cross-platform backend to persist user settings, app data, broadcast notifications, run jobs, etc. This session provides a high level technical overview of many cloud services available to mobile app developers, includi...
SYS-CON Events announced today that Vicom Computer Services, Inc., a provider of technology and service solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. They are located at booth #427. Vicom Computer Services, Inc. is a progressive leader in the technology industry for over 30 years. Headquartered in the NY Metropolitan area. Vicom provides products and services based on today’s requirements around Unified Networks, Cloud Computing strategies, Virtualization around Software defined Data Ce...
Dave will share his insights on how Internet of Things for Enterprises are transforming and making more productive and efficient operations and maintenance (O&M) procedures in the cleantech industry and beyond. Speaker Bio: Dave Landa is chief operating officer of Cybozu Corp (kintone US). Based in the San Francisco Bay Area, Dave has been on the forefront of the Cloud revolution driving strategic business development on the executive teams of multiple leading Software as a Services (SaaS) application providers dating back to 2004. Cybozu's kintone.com is a leading global BYOA (Build Your O...
SYS-CON Events announced today that Ciqada will exhibit at SYS-CON's @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Ciqada™ makes it easy to connect your products to the Internet. By integrating key components - hardware, servers, dashboards, and mobile apps - into an easy-to-use, configurable system, your products can quickly and securely join the internet of things. With remote monitoring, control, and alert messaging capability, you will meet your customers' needs of tomorrow - today! Ciqada. Let your products take flight. For more inform...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
What exactly is a cognitive application? In her session at 16th Cloud Expo, Ashley Hathaway, Product Manager at IBM Watson, will look at the services being offered by the IBM Watson Developer Cloud and what that means for developers and Big Data. She'll explore how IBM Watson and its partnerships will continue to grow and help define what it means to be a cognitive service, as well as take a look at the offerings on Bluemix. She will also check out how Watson and the Alchemy API team up to offer disruptive APIs to developers.
The IoT Bootcamp is coming to Cloud Expo | @ThingsExpo on June 9-10 at the Javits Center in New York. Instructor. Registration is now available at http://iotbootcamp.sys-con.com/ Instructor Janakiram MSV previously taught the famously successful Multi-Cloud Bootcamp at Cloud Expo | @ThingsExpo in November in Santa Clara. Now he is expanding the focus to Janakiram is the founder and CTO of Get Cloud Ready Consulting, a niche Cloud Migration and Cloud Operations firm that recently got acquired by Aditi Technologies. He is a Microsoft Regional Director for Hyderabad, India, and one of the f...