FUTURE TECHNOLOGY the data. Look for IoT devices that offer device-to-device encryption. Consider implementing as well as bolstering, comprehensive encryption schemes to protect data in networks, cloud services and endpoint devices.
 2
 Device vulnerabilities In the past year, security researchers have exposed holes in WiFi-enabled Barbie dolls, Jeep Cherokee cars, fitness trackers and other new-fangled connected devices. Security research institutions already see IoT based attacks on the radar and happening in real time around the world. This shows the risks that are coming as toys, wearables, cars and power grids get attached to sensors that are linked to a public network and the Internet.
 IoT will bring forth a larger surface attack. Hackers will eye IoT devices as a launching pad for land-andexpand attacks. One scenario: hackers take advantage of vulnerabilities in connected consumer devices to get a foothold within the corporate networks and hardware to which they connect.
 So how do CIOs protect against the risks of connected devices and their own IoT implementations? Short of physically separating such devices from all other network systems, they can consider deploying networkbased protection schemes. Internal segmentation firewalls, for instance can limit the proliferation of threats inside the business network. They also need to employ an IoT network security solution which is capable of mitigating exploits against this growing and vulnerable attack surface. IoT vendors need to harden their products and develop proper product security teams.
 3
 IoT gateways
 In a typical IoT deployment, the majority of connected devices will be always connected and always on.
 Kalle Bjorn is Director of Systems Engineering Middle East at Fortinet
 Embedded worms will spread by leveraging and exploiting vulnerabilities in growing IoT and mobile attack surfaces
 Unlike mobile phones and laptops, such devices are likely to go through only a one-time authentication process across multiple sessions. This will make them attractive to hackers looking to infiltrate into company networks, as it allows easy control and sniffing of traffic.
 Shoring up the security of the gateways that connect IoT devices is therefore a must. CIOs should map out where these gateways are and where they are linked to, whether they reside internally or externally, and whether connected to IoT device manufacturers. There must also be a sound plan for updating security patches on these gateways, as well as the IoT devices.
 4
 Big data risks
 If there is anything definite in smart city deployments, it is that more data will be generated, processed and stored. Connected devices will generate huge data repositories. Businesses that adopt big data systems will see an even larger data deluge. Unfortunately, such data will also become attractive targets for corporate hackers. To protect huge amounts of data with large inflows and outflows, the bandwidth capabilities of security appliances will come to the fore.
 When dealing with data analytics, it often is not just a single data set, but multiple repositories of data that may be combined and analysed together by different groups of people. For instance, a pharmaceutical company’ s research efforts may be open to employees, contractors and interns. This means individual access and auditing rights.
 5
 IoT worms
 New worms designed to attach to IoT devices will emerge, and they could wreck more havoc given the extended reach of the new converged networks. Conficker is an example of a worm that spread on PC’ s in 2008 and is still persistent and prevalent in 2016. Likewise, worms and viruses that can propagate from device to device can be expected to emerge, particularly with mobile and the Android operating system.
 Embedded worms will spread by leveraging and exploiting vulnerabilities in the growing IoT and mobile attack surface. The largest botnet is in the range of 15 million PC’ s. Thanks to the Internet of Things, this can easily reach in excess of 50 million if the spread of IoT worms is not properly mitigated. Patch management, and network based security inspection, particularly intrusion prevention systems, that can block IoT worms is a must.
 27