{"id":13959,"date":"2020-07-24T13:55:38","date_gmt":"2020-07-24T12:55:38","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=13959"},"modified":"2020-07-24T16:10:33","modified_gmt":"2020-07-24T15:10:33","slug":"security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/","title":{"rendered":"&#8220;Security Twins&#8221;: A new security &#038; trust guarantee for connected devices (1\/2)"},"content":{"rendered":"<p>In 2010, the early hype-cycle of IoT (Ericsson and Cisco) predicted 50 billion devices by 2020. In reality, that figure was highly overestimated. Today, Gartner states that approximately 5.8 billion IoT terminals will be in use in 2020<sup>1<\/sup>. Even if the market is not as developed as it was first predicted, it is still growing: those 5.8 billion of IoT devices represent <strong>an increase of 21%<\/strong> over 2019.<\/p>\n<p>Despite their usefulness, introducing connected devices unfortunately brings <strong>new risks<\/strong> for companies. Indeed, according to the Palo Alto Networks report<sup>2<\/sup> published in March 2020, <strong>57% of the connected devices analyzed were vulnerable to medium or high severity attacks<\/strong>. This is not surprising. Securing connected devices is proving to be an arduous task that explains why Beecham Research<sup>3<\/sup> finds 62% of Industrial IoT transformations fail to scale because of a lack of trust.<\/p>\n<p>Therefore, with this article we will try to ask ourselves about the security and trust issues of connected devices and how companies can deal with them.<\/p>\n<p>&nbsp;<\/p>\n<h2>What are the security and trust issues of connected devices?<\/h2>\n<p style=\"text-align: justify;\">In order to mitigate the security risks on connected devices, NIST recommends in its report<sup>4<\/sup> published in 2019 to focus on 6 main areas:<\/p>\n<ul>\n<li style=\"text-align: justify;\"><strong>Inventory<\/strong>: Maintain an accurate inventory of all connected devices and their most relevant characteristics throughout their lifecycle (<a href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/09\/life-cycle-iot-security\/\">see the article<\/a> detailing the lifecycle of connected devices).<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<figure id=\"post-13960 media-13960\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-13960 size-full\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-1-1.png\" alt=\"\" width=\"1479\" height=\"755\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-1-1.png 1479w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-1-1-374x191.png 374w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-1-1-71x36.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-1-1-768x392.png 768w\" sizes=\"auto, (max-width: 1479px) 100vw, 1479px\" \/><\/figure>\n<p style=\"text-align: center;\">Figure 1 &#8211; Connected device lifecycle<\/p>\n<ul>\n<li style=\"text-align: justify;\"><strong>Vulnerabilities<\/strong>: Identify and eliminate known vulnerabilities in the software and firmware of connected devices to reduce the likelihood and ease of exploitation and compromise.<\/li>\n<li style=\"text-align: justify;\"><strong>Access<\/strong>: Prevent unauthorized and inappropriate physical and logical access, use and administration of connected devices by people, processes and other computing devices.<\/li>\n<li style=\"text-align: justify;\"><strong>Detect security incidents of connected devices<\/strong>: Monitor and analyze connected device activity for signs of incidents involving the security of the device.<\/li>\n<li style=\"text-align: justify;\"><strong>Detect data security incidents<\/strong>: Monitor and analyze the activity of the connected device for signs of data security incidents.<\/li>\n<li style=\"text-align: justify;\"><strong>Protect data<\/strong>: Prevent access and alteration of data that could expose sensitive information or allow manipulation or disruption of the operation of connected devices.<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">However, current IoT platforms only partially meet these security requirements (<a href=\"https:\/\/www.wavestone.com\/en\/insight\/iot-platforms-cornerstone-successful-iot-strategy\/\">see the article<\/a> detailing the usefulness of IoT platforms).<\/p>\n<p>&nbsp;<\/p>\n<p id=\"post-13962 media-13962\" class=\"align-none\" style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-13962 size-full\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-2-1.png\" alt=\"\" width=\"1073\" height=\"329\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-2-1.png 1073w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-2-1-437x134.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-2-1-71x22.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-2-1-768x235.png 768w\" sizes=\"auto, (max-width: 1073px) 100vw, 1073px\" \/>Figure 2 &#8211; The usefulness of IoT platforms<\/p>\n<p>&nbsp;<\/p>\n<p style=\"text-align: justify;\">Indeed, traditional IoT architectures rely on a <strong>centralized cloud platform<\/strong>, operated by a third-party company and where most often the rules for data collection and storage are opaque. <strong>This is not the best solution to ensure the security of connected devices since<\/strong>:<\/p>\n<ul>\n<li>The use of a centralized cloud platform introduces the risk of &#8220;<strong>single point of failure<\/strong>&#8221; on the <strong>IoT architecture<\/strong> (although today this risk is mitigated with the implementation of a redundant architecture and backups).<\/li>\n<li>It is entirely possible for an attacker to <strong>change the data stored in the cloud database<\/strong>. The decision making of the different stakeholders is therefore impacted.<\/li>\n<li><strong>Collaboration<\/strong> between the different stakeholders of the IoT deployment (manufacturers, maintenance operators, &#8230;) becomes more <strong>difficult<\/strong> because access to the platform can be restricted to them.<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">The use of a <strong>decentralized management system<\/strong> for connected devices where all stakeholders would have the possibility to <strong>reliably consult or contribute information<\/strong> regarding connected devices (firmware version, maintenance operations, etc.) becomes essential to guarantee the security of those devices and the integrity of data they produce.<\/p>\n<p>&nbsp;<\/p>\n<h2 style=\"text-align: justify;\">How do &#8220;Security Twins&#8221; help meet the security challenges of connected devices?<\/h2>\n<p>In order to support IoT platforms and improve the security of IoT deployments, the notion of\u00a0 <strong>&#8220;Security Twin&#8221; should be introduced in IoT deployments.<\/strong><\/p>\n<p>The principle of a &#8220;Security Twin&#8221; is simple. It is a <strong>virtual representation<\/strong> of the connected device that <strong>contains all its security information<\/strong>, such as firmware version, vulnerabilities, etc. upon which all stakeholders involved in its upkeep can reach consensus (see figure 3).<\/p>\n<p>&nbsp;<\/p>\n<figure id=\"post-13966 media-13966\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-13966 size-full\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-3-1.png\" alt=\"\" width=\"1012\" height=\"459\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-3-1.png 1012w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-3-1-421x191.png 421w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-3-1-71x32.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-3-1-768x348.png 768w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Figure-3-1-730x330.png 730w\" sizes=\"auto, (max-width: 1012px) 100vw, 1012px\" \/><\/figure>\n<p style=\"text-align: center;\">Figure 3 &#8211; The &#8220;Security Twin&#8221; mechanism (from: Jitsuin)<\/p>\n<p>&nbsp;<\/p>\n<p>A &#8220;Security Twin&#8221; gains effectiveness when more <strong>stakeholders<\/strong> of the deployment <strong>can interact with it<\/strong> and reach consensus that the<strong> information provided\/recorded is correct<\/strong>.<\/p>\n<p>Therefore, solutions based on <strong>Distributed Ledger Technology (DLT)<\/strong> represent a logical first step in the creation of Security Twins, as they would allow the security information of the connected device to be gathered in <strong>a decentralized and immutable registry<\/strong> that would be accessible by all authorized stakeholders in the IoT deployment. The best well known distributed registry solution is the Blockchain (<a href=\"https:\/\/www.wavestone.com\/en\/insight\/blockchain-practice\/\">see the article<\/a> on Blockchain\u2019s uses and limitations).<\/p>\n<p>Taking up the points raised earlier in the NIST report, one could say that the use of a &#8220;Security Twin&#8221; would therefore improve:<\/p>\n<ul>\n<li><strong>Device and access management<\/strong>: all stakeholders of the IoT deployment would have access to a decentralized and immutable register of all the connected devices with the corresponding security and trust information.<\/li>\n<li><strong>Vulnerability management and the detection of device security incidents<\/strong>: the different stakeholders could share device security information and take the necessary actions (e.g. the manufacturer of a connected device could notify the other stakeholders of the availability of a new firmware update thanks to the &#8220;Security Twin&#8221;).<\/li>\n<li><strong>Data protection and the detection of data related security incidents<\/strong>: The very foundation of a &#8220;Security Twin&#8221; is based on the use of a decentralized and immutable register to record data related to the security of connected devices. This makes it more difficult for attackers to change the data, which reduces the risk of a security incident.<\/li>\n<\/ul>\n<p>The use of &#8220;Security Twins&#8221; therefore offers the possibility of strengthening the security, integrity, trust and resilience of connected devices.<\/p>\n<p>The start-up Jitsuin has developed &#8220;Jitsuin Archivist&#8221; a tool based on Distributed Ledger Technology (DLT) to overcome the lack of collaborative tools to secure connected devices. The purpose of this tool is not to replace IoT platforms but to allow the creation of &#8220;Security Twins&#8221;.<\/p>\n<p>Together, Wavestone and <a href=\"https:\/\/jitsuin.com\/\">Jitsuin<\/a> sought to demonstrate the benefits of using a decentralized architecture with \u201cSecurity Twins\u201d. The two companies have therefore collaborated on the construction of a PoC (Proof of Concept) to tackle identity and access management of buildings using connected devices, which will be introduced in a future article.<\/p>\n<p>&nbsp;<\/p>\n<p>1 Gartner, 29th August 2019 : https:\/\/www.gartner.com\/en\/newsroom\/press-releases\/2019-08-29-gartner-says-5-8-billion-enterprise-and-automotive-io<br \/>\n2 Palo Alto Networks, 10th March 2020, \u201cUnit 42 IoT threat report\u201d: https:\/\/unit42.paloaltonetworks.com\/iot-threat-report-2020\/<br \/>\n3 Why IoT projects fail https:\/\/www.whyiotprojectsfail.com\/?cs=br2<br \/>\n4 NIST \u2013 \u201cConsiderations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks\u201d : https:\/\/csrc.nist.gov\/publications\/detail\/nistir\/8228\/final<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In 2010, the early hype-cycle of IoT (Ericsson and Cisco) predicted 50 billion devices by 2020. In reality, that figure was highly overestimated. Today, Gartner states that approximately 5.8 billion IoT terminals will be in use in 20201. Even if&#8230;<\/p>\n","protected":false},"author":1379,"featured_media":13956,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3275],"tags":[3577,2817,3181,3576],"coauthors":[3572,3578,813],"class_list":["post-13959","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-iot-consumer-goods-en","tag-connected-device","tag-data-protection","tag-iot-en","tag-nist-en"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>&quot;Security Twins&quot;: A new security &amp; trust guarantee for connected devices (1\/2) - RiskInsight<\/title>\n<meta name=\"description\" content=\"In 2010, the early hype-cycle of IoT (Ericsson and Cisco) predicted 50 billion devices by 2020. In reality, that figure was highly overestimated. Today, Gartner states that approximately 5.8 billion IoT terminals will be in use in 2020. Even if the market is not as developed as it was first predicted, it is still growing: those 5.8 billion of IoT devices represent an increase of 21% over 2019.Despite their usefulness, introducing connected devices unfortunately brings new risks for companies. Indeed, according to the Palo Alto Networks report published in March 2020, 57% of the connected devices analyzed were vulnerable to medium or high severity attacks. This is not surprising. Securing connected devices is proving to be an arduous task that explains why Beecham Research3 finds 62% of Industrial IoT transformations fail to scale because of a lack of trust.Therefore, with this article we will try to ask ourselves about the security and trust issues of connected devices and how companies can deal with them.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"&quot;Security Twins&quot;: A new security &amp; trust guarantee for connected devices (1\/2) - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"In 2010, the early hype-cycle of IoT (Ericsson and Cisco) predicted 50 billion devices by 2020. In reality, that figure was highly overestimated. Today, Gartner states that approximately 5.8 billion IoT terminals will be in use in 2020. Even if the market is not as developed as it was first predicted, it is still growing: those 5.8 billion of IoT devices represent an increase of 21% over 2019.Despite their usefulness, introducing connected devices unfortunately brings new risks for companies. Indeed, according to the Palo Alto Networks report published in March 2020, 57% of the connected devices analyzed were vulnerable to medium or high severity attacks. This is not surprising. Securing connected devices is proving to be an arduous task that explains why Beecham Research3 finds 62% of Industrial IoT transformations fail to scale because of a lack of trust.Therefore, with this article we will try to ask ourselves about the security and trust issues of connected devices and how companies can deal with them.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-24T12:55:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-07-24T15:10:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1280\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Raquel De Faria Cristas, Michel Girier, Cl\u00e9ment Leroy\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Raquel De Faria Cristas, Michel Girier, Cl\u00e9ment Leroy\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/\"},\"author\":{\"name\":\"Raquel De Faria Cristas\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/90c0690f92031d5a3d98739e0b6faaea\"},\"headline\":\"&#8220;Security Twins&#8221;: A new security &#038; trust guarantee for connected devices (1\/2)\",\"datePublished\":\"2020-07-24T12:55:38+00:00\",\"dateModified\":\"2020-07-24T15:10:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/\"},\"wordCount\":1062,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg\",\"keywords\":[\"connected device\",\"data protection\",\"IoT\",\"NIST\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"IoT &amp; Consumer goods\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/\",\"name\":\"\\\"Security Twins\\\": A new security & trust guarantee for connected devices (1\/2) - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg\",\"datePublished\":\"2020-07-24T12:55:38+00:00\",\"dateModified\":\"2020-07-24T15:10:33+00:00\",\"description\":\"In 2010, the early hype-cycle of IoT (Ericsson and Cisco) predicted 50 billion devices by 2020. In reality, that figure was highly overestimated. Today, Gartner states that approximately 5.8 billion IoT terminals will be in use in 2020. Even if the market is not as developed as it was first predicted, it is still growing: those 5.8 billion of IoT devices represent an increase of 21% over 2019.Despite their usefulness, introducing connected devices unfortunately brings new risks for companies. Indeed, according to the Palo Alto Networks report published in March 2020, 57% of the connected devices analyzed were vulnerable to medium or high severity attacks. This is not surprising. Securing connected devices is proving to be an arduous task that explains why Beecham Research3 finds 62% of Industrial IoT transformations fail to scale because of a lack of trust.Therefore, with this article we will try to ask ourselves about the security and trust issues of connected devices and how companies can deal with them.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg\",\"width\":2560,\"height\":1280,\"caption\":\"Internet of Things flat iconic illustration thing object\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"&#8220;Security Twins&#8221;: A new security &#038; trust guarantee for connected devices (1\/2)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/90c0690f92031d5a3d98739e0b6faaea\",\"name\":\"Raquel De Faria Cristas\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/raquel-de-faria-cristas\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\"Security Twins\": A new security & trust guarantee for connected devices (1\/2) - RiskInsight","description":"In 2010, the early hype-cycle of IoT (Ericsson and Cisco) predicted 50 billion devices by 2020. In reality, that figure was highly overestimated. Today, Gartner states that approximately 5.8 billion IoT terminals will be in use in 2020. Even if the market is not as developed as it was first predicted, it is still growing: those 5.8 billion of IoT devices represent an increase of 21% over 2019.Despite their usefulness, introducing connected devices unfortunately brings new risks for companies. Indeed, according to the Palo Alto Networks report published in March 2020, 57% of the connected devices analyzed were vulnerable to medium or high severity attacks. This is not surprising. Securing connected devices is proving to be an arduous task that explains why Beecham Research3 finds 62% of Industrial IoT transformations fail to scale because of a lack of trust.Therefore, with this article we will try to ask ourselves about the security and trust issues of connected devices and how companies can deal with them.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/","og_locale":"en_US","og_type":"article","og_title":"\"Security Twins\": A new security & trust guarantee for connected devices (1\/2) - RiskInsight","og_description":"In 2010, the early hype-cycle of IoT (Ericsson and Cisco) predicted 50 billion devices by 2020. In reality, that figure was highly overestimated. Today, Gartner states that approximately 5.8 billion IoT terminals will be in use in 2020. Even if the market is not as developed as it was first predicted, it is still growing: those 5.8 billion of IoT devices represent an increase of 21% over 2019.Despite their usefulness, introducing connected devices unfortunately brings new risks for companies. Indeed, according to the Palo Alto Networks report published in March 2020, 57% of the connected devices analyzed were vulnerable to medium or high severity attacks. This is not surprising. Securing connected devices is proving to be an arduous task that explains why Beecham Research3 finds 62% of Industrial IoT transformations fail to scale because of a lack of trust.Therefore, with this article we will try to ask ourselves about the security and trust issues of connected devices and how companies can deal with them.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/","og_site_name":"RiskInsight","article_published_time":"2020-07-24T12:55:38+00:00","article_modified_time":"2020-07-24T15:10:33+00:00","og_image":[{"width":2560,"height":1280,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg","type":"image\/jpeg"}],"author":"Raquel De Faria Cristas, Michel Girier, Cl\u00e9ment Leroy","twitter_misc":{"Written by":"Raquel De Faria Cristas, Michel Girier, Cl\u00e9ment Leroy","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/"},"author":{"name":"Raquel De Faria Cristas","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/90c0690f92031d5a3d98739e0b6faaea"},"headline":"&#8220;Security Twins&#8221;: A new security &#038; trust guarantee for connected devices (1\/2)","datePublished":"2020-07-24T12:55:38+00:00","dateModified":"2020-07-24T15:10:33+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/"},"wordCount":1062,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg","keywords":["connected device","data protection","IoT","NIST"],"articleSection":["Cybersecurity &amp; Digital Trust","IoT &amp; Consumer goods"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/","name":"\"Security Twins\": A new security & trust guarantee for connected devices (1\/2) - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg","datePublished":"2020-07-24T12:55:38+00:00","dateModified":"2020-07-24T15:10:33+00:00","description":"In 2010, the early hype-cycle of IoT (Ericsson and Cisco) predicted 50 billion devices by 2020. In reality, that figure was highly overestimated. Today, Gartner states that approximately 5.8 billion IoT terminals will be in use in 2020. Even if the market is not as developed as it was first predicted, it is still growing: those 5.8 billion of IoT devices represent an increase of 21% over 2019.Despite their usefulness, introducing connected devices unfortunately brings new risks for companies. Indeed, according to the Palo Alto Networks report published in March 2020, 57% of the connected devices analyzed were vulnerable to medium or high severity attacks. This is not surprising. Securing connected devices is proving to be an arduous task that explains why Beecham Research3 finds 62% of Industrial IoT transformations fail to scale because of a lack of trust.Therefore, with this article we will try to ask ourselves about the security and trust issues of connected devices and how companies can deal with them.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/07\/Fotolia_81590429_Subscription_Monthly_XXL-scaled.jpg","width":2560,"height":1280,"caption":"Internet of Things flat iconic illustration thing object"},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/07\/security-twins-a-new-security-trust-guarantee-for-connected-devices-2-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"&#8220;Security Twins&#8221;: A new security &#038; trust guarantee for connected devices (1\/2)"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/90c0690f92031d5a3d98739e0b6faaea","name":"Raquel De Faria Cristas","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/raquel-de-faria-cristas\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/13959","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1379"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=13959"}],"version-history":[{"count":8,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/13959\/revisions"}],"predecessor-version":[{"id":13983,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/13959\/revisions\/13983"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/13956"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=13959"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=13959"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=13959"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=13959"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}