The scale of IoT risk

One thing that makes the IoT risk factors I mentioned yesterday so scary is the number of devices that will be in play.

The number of devices that a human can use directly on a daily basis has a practical ceiling. I use four: laptop, smartphone, tablet, smartwatch.

But most individual IoT devices aren't used directly by people. They're machine-to-machine (M2M) communicators. This means that the number of them that could someday be practical for me – or an enterprise or government – to use daily is practically limitless. In the not-so-distant future, connectivity will be assumed. It will be like we think about electricity today. Can you even guess how many devices around you use electricity?

According to the Cisco Annual Internet Report, 50 percent of the world's connected devices – 14.7 billion in total – will be M2M communicators by 2023. And this share will keep growing. According to the same report, the projected compound annual growth rate (CAGR) of M2M devices is 30 percent. To put that in perspective, smartphones are in second place at 7 percent CAGR.

So why does this matter from a security perspective?

The scale of connected IoT devices means that even if most companies making and deploying them have excellent security practices, a small percentage of irresponsible actors who allow their devices to be hijacked can have a devastating impact on the rest of the connected world.

-Doug​