Author: Bentley Long
There is no question that IoT in its broadest definition is already impacting our lives and businesses. However, there is wild disagreement on how quickly and broadly IoT endpoints will grow, and how to calculate the economic impact. I do believe that IoT is the next wave of computing (after mainframe, pc, internet, mobile, and cloud) and has the potential to disrupt every industry far more than any of these previous waves. But I also believe that we have grossly overestimated the near term adoption rate and business impact. Much of my pessimism stems from the significant security vulnerabilities that exist today that will slow the deployment of IoT enabled business.
In 2010, IBM predicted that there would be one trillion connected devices by 2015. One widely quoted 2011 white paper, Cisco estimated that by 2020 the number of connected devices would reach a much more modest 50 billion. In a subsequent 2013 brochure, Cisco holds to 50 billion devices by 2020 with an estimated total IoT global impact of $14.4 trillion for the period 2013 to 2022. This $14.4 trillion does NOT represent all new economic value, but rather a migration of value between companies and industries. The five main factors Cisco sites in estimating economic impact are asset utilization, employee productivity, supply chain and customer experience and innovation. It is important to note that some of this transfer will have a negative impact on the global economy: Better asset utilization & supply chain improvements = fewer good & services sold, Improved employee utilization = fewer employees. A more recent report from Gartner estimates 4.9 billion connected things in use in 2015 … and will reach 20.8 billion by 2020.
So what are we to make of all this data incongruity? As we get closer to the actual dates for the predictions to bear out, the numbers keep getting smaller. As is always the case with new technology, there is an initial spike in adoption that trails off for a period as hype dissipates. Many assume that growth in units or users will be linear, when it is much more likely to slow for a period of time and then take off at an accelerated rate. This is likely fueled by optimistic product marketing managers across multiple industries trying to identify the sources of future growth for their senior executives and stockholders. I believe that IoT endpoints deployment will be slower than predicted into 2020 and then will accelerate from their at an even great rate than the period 2008 – 2015. One of the biggest factors impacting that will be securing the IoT.
On Tuesday evening, September 20th, the largest DDoS attack ever launched was delivered by botnet of hijacked IoT devices on the site krebsonsecurity.com. Just days later, and even larger DDoS attack was launched on French hosting company OVH. What was unique about these attacks is that they employed by more than 100,000 routers, IP cameras and digital video recorders (DVRs) that are exposed to the Internet and protected with weak or hard-coded passwords. These attacks went largely unnoticed outside of the cybersecurity community. But that all changed on Friday, October 21st when the servers of New Hampshire based Dyn DNS Company were the target of 3 consecutive attacks whose aggregate bandwidth of possibly 1.2 TBps likely made it the largest DDoS attack in history. These attacks affected user’s ability to access consumer sites such as Netflix, Twitter and Spotify.
These recent attacks highlight an inherent vulnerability for legacy IoT devices. The internet was not designed from the ground up to prioritize security, so all security solutions are necessary layered on top of IP. For the IoT to reach its full potential, security will need to be engineered into end point devices and enterprise will need to enforce best practices for adding nodes to their networks, whether they are PCs, BYOD or sensors. This will take time and in many case, a mindset changes which will delay the widespread adoption of ubiquitous computing.
We must remember that IoT is a platform, not a business in and of itself. There is no question that the IoT will drive hardware & sales, enable new business models, disrupt current industries and will have many winners and losers. However, on balance, I believe that adoption rates and economic impact are significantly overestimated in the near term. I also believe that recent vulnerabilities that have been identified with connected devices will be a major speedbump for widespread deployment.