M2M will bring government regulation, predicts IT consultant

The so-called Internet of Things sparks two emotions among security professionals: A certainty that government regulation will be needed to prevent needless deaths, and an equal determination to keep legislators away from the industry.

That’s how some of the debate shaped up this week at the annual SecTor conference in Toronto, where a panel on predictions for the coming year found lively debate.

At one end was Ottawa consultant Brian O’Higgins, who is very concerned about the number of wireless sensors being embedded in almost everything.

The car industry is working on creating a standard for self-driving cars with anti-collision sensors that wirelessly talk to each other by 2020, he said. O’Higgins works for some vendors here trying to get certifications. But, he said, General Motors isn’t waiting — it wants to have the technology in a Cadillac by 2017, before a safety standard is set.

“I work with  startup that embeds sensors in concrete for measuring how structures cure,” he added. The sensors will be there for years. “The opportunity for abuse is huge.”

With the Internet of Things/machine-to-machine communications “the attack surface area is growing exponentially.” He admits that an adversary could gain control of a system “and create havoc.”

The computer industry is only about 60 years old, he said, but he predicts it will be regulated like the car industry and health care is for safety. The advantage, he added, is buyers will get software quality assurance.

He didn’t have much support. David Senf, vice-president of IDC Canada’s infrastructure solutions Group, said some IT regulation — like mandatory data breach notification — is necessary. But regulation done wrong could slow down the industry, and possibly cut into startup financing. “It has to be done properly,” he said. “Standardization but not regulation.”

Gord Taylor, a Toronto-based independent security consultant argued that regulation would be self-defeating. The Internet has been built on 20 year-old code, he said, whose vulnerabilities are only now being discovered.

Industry elf regulation will be far more successful than imposed regulation because if vendors have a vested interest in making sure a product is secure they’ll do it better. “It won’t be checkbox security,” he said, meaning “the government says I have to do this. Check.”

“No industy is standing up and saying please regulate me more,” O’Higgins acknowledged, “but it will happen. There will be more and more regulation”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now