IFSEC Insider is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Gadgets and appliances that connect to the internet are not being designed with security in mind, according to global consultancy KPMG.
Commenting on the security vulnerabilities that have been uncovered of late in smartphones, internet-connected TVs and other devices, Martijn Verbree, a partner in KPMG’s cybersecurity practice, said security vulnerabilities exist in most internet-connected devices on the market today.
According to his findings, when internet-connected devices go into production, security is often an afterthought in the design process, whereas it should be a key criteria from the outset.
As an example many digital TVs have been designed with some computing functionality, such as an operating system, apps, sensors and Wi-Fi connection bolted on.
Verbree said: “The lack of security by design will change over time when the industry matures: we have already seen this take place with smart phones, which are now a lot better protected and better patched, although far from secure.”
While vulnerabilities uncovered by KPMG’s research pose a low risk to the general public today, reverse engineering can lead to a piece of malware being installed in an internet TV, for example by the owner downloading an infected app.
“Fixing this will be hard and the most likely fix will be via a software patch. But the challenges are, what other vulnerabilities already exist and how manufacturers get the patches out?” he said.
He urged vendors to take responsibility and provide fixes to vulnerable devices, even if they exceed the warranty period.
Listen to the IFSEC Insider podcast!
Each month, the IFSEC Insider (formerly IFSEC Global) Security in Focus podcast brings you conversations with leading figures in the physical security industry. Covering everything from risk management principles and building a security culture, to the key trends ahead in tech and initiatives on diversity and inclusivity, the podcast keeps security professionals up to date with the latest hot topics in the sector.
Available online, and on Spotify, Apple Podcasts and Google Podcasts, tune in for an easy way to remain up to date on the issues affecting your role.
Security usually an afterthought in design of IoT devices, says KPMG’s cybersecurity practiceGadgets and appliances that connect to the internet are not being designed with security in mind, according to global consultancy KPMG.
Sara Verbruggen
IFSEC Insider | Security and Fire News and Resources
Related Topics
Paxton employees raise over £9k for Teenage Cancer Trust
Photo posts from the 2023 Security & Fire Excellence Awards
Winners revealed for 2023 Security & Fire Excellence Awards
