Cyber insurers could help drive IoT standards

Insurance companies will want companies to use strong protections against data breaches

Factory
IoT systems from Kore are used in industrial settings like this. Credit: Kore

Cyber insurance premiums could prove a big driver of Internet of Things standards.

Machine-to-machine communication has grown up in separate silos for every industry, but as it expands in the coming years as part of the broader Internet of Things wave, standards could save a lot of cost and effort, speakers at a networking conference said Monday. 

Having a common approach that works can save IoT vendors from having to reinvent the wheel, said Jim Zerbe, head of IoT product at Neustar, a real-time information services and analytics company.

Security is one place that's needed, he said. For a long time, machine-to-machine security has relied on industry-specific technologies and "security through obscurity," resulting in easily hackable systems. Standard, open technologies across industries can attract armies of developers to build strong defenses.

Insurers will help to usher in that approach, said Bruce Gustafson, Ericsson's vice president of government and industry affairs for North America. Cyber insurance is a young business still trying to calculate the risk of a breach, but as it matures, insurers will look for safeguards they can rely on. The idea is that they'll take to data security standards -- the stronger the better -- the same way they've pushed seatbelts and airbags to cut down on auto accident risk.

Enterprises' premiums could go up or down depending on whether they're using security technologies that insurers recognize and endorse. Developers would jump to fill that need.

"That unleashes the market," Gustafson said. "All of a sudden, all the great minds swing over there."

Hardware designs, data formats and data security mechanisms all could benefit from standardization, Gustafson said. He pointed to cellular standards as a model.

"The iPhone wouldn't be here if they weren't able to license a standard," Gustafson said. The 3GPP helped streamline the development of that industry-changing device by agreeing on how cellular systems would work and making that recipe available to anyone. "You don't need to invent that," he said. 

Industrial IoT won't fully pay off until there are common protocols across industries, panelists said. They cited a McKinsey Global Institute report earlier this year that said less than one percent of IoT data is being used, mostly for alarms and real-time control. More numbers from more business sectors have to be crunched to derive big payoffs through optimization and prediction, McKinsey said. 

Data formats should be standard so a range of IoT platforms can ingest common inputs like weather data, Gustafson said. Gathering data across industry verticals also requires standard protocols, of which some are already in use, including MQTT and CoAP (Constrained Application Protocol), Zerbe said.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.