Brian Russell is a security expert with Leidos, chair of the Internet of Things Working Group and Cloud Security Alliance. He spoke to ReadWrite about his book “Practical Internet of Things Security” and issues facing the IoT security community.

See also: 5 IoT cybersecurity predictions for the coming year

How do we shift our minds and prepare for IoT security? What are some of the biggest challenges facing the IoT community in enterprise networks and consumers at home? Take a look at the interview below.

ReadWrite: We’ve been inundated with IoT technology, it seems like security isn’t being factored in. Is there such a thing as IoT security in general?

Brian Russell: Yes, in a lot of ways, IoT security is just regular security. Now, applying it to the types of devices and systems that are being built, that’s been a challenge for one reason or the other but, when you really sort of think about it, the fundamentals of information security still apply to IoT devices, that a manufacturer is building. Or integrators putting together, you still need to have confidentiality, integrity, availability, those sort of key fundamentals of security.

So, what’s been a bit of a challenge in the IoT market, is there are so many types of technologies coming together, and nobody’s gotten ahead of the curve, and said hey, if I put together a system that has Zigbee devices that are talking over the internet, over the cloud, and they can talk to each other and they use MQTT as well, after going through a gateway, how do I secure those new technologies? And so, it’s a matter of technology getting ahead of the guys in security, market or the security function, where they haven’t really had a chance to catch up and do a really good look at one, the security controls, that have to be applied and the best practices that are recommended for each specific protocol that’s within IoT and from a systems perspective, what are the engineering challenges related to when you put all of these things together, and you start having them work together?

Sometimes in an autonomous fashion, what does that mean from a risk perspective and what does that mean from a security controls perspective? I think it’s really a matter of security not catching up with technology. I think whether it’s the IoT, whether it’s machine learning, whether it’s data analytics, whatever it is that we’re talking about, that’s going to be the challenge going forward for the security community, trying to figure out, technology moves fast and security is sort of lagging behind the technology movers and shakers. How are you going to make sure that you keep up? So that as new capabilities, products and technology come out, you’re not in the same boat as we’ve seen ourselves in with IoT.

RW: With IoT, we don’t see the traditional level of testing, because of the ubiquitous nature of these devices, they’re everywhere. Is it a different mentality when testing or working with this type of security?

BR: Yes and no. You’re going to want to do a methodical examination when you’re examining the security of any particular system, a methodical examination of potential vulnerabilities, and you go online and sort of look for every single attack vector that you can find to get into a particular system, whether IoT or not. What you mentioned about sort of IoT being different is right, and there’s training or mindset shift that has to occur in the security community.

The scale of IoT is what I think you were referring to, there might be millions of devices, that are used within a particular organization and those devices can range from temperature sensors, floating in the ocean, it can be smart mirrors, it can be smart billboards, it can, things in a smart home, smart electrical capabilities, smart grid type stuff, there’s so many different things, again, sort of going back the traditional ways of doing security, sort of looking at it from a risk perspective, is really important, again, if you have this sort of category of devices, that are sort of reading temperature data, for example, or reading some environmental type data that has no impact from a security perspective, for a particular organization, or limited impact from a security perspective, you’re going to apply resource to secure those capabilities and those technologies.

On the other end of the spectrum, what you really have to work about is this move toward cyber-physical system, CPS, where now, I may have a connected vehicle, if I’m Ford or General Motors, I’m going to make sure that I apply substantial amounts of security engineering and resources to figuring out what the vulnerabilities are for that particular system and making sure that it’s locked down in such a way that people are thwarted from trying to penetrate into the core the devices, in this case, a vehicle. Or it could be a drone or a plane. Going back to that sort of risk perspective, and that sort of that risk framework mentality, and saying ‘Well, I need to sort of pull out of the stop and see if I can dig my way into a connected car, that if it’s compromised, it’s going to cause harm to somebody…’

RW: What was your motivation for this book? It’s very technical.

BR: My background, going back many years, working for the government, building cryptographic key management systems and we sort of have an understanding of, making sure the systems that are out there, serving mission purposes, and critical business purposes are secure, sort  of taking that background in cryptographic key management, we ended up starting to work with the FAA. Cryptographic control for drones and trying to figure out what that command link would look like between a small mid aerial system or drone and a ground control system, and sort of keeping people out of that command link. Then we ended up going into the transportation sector with the federal highway administration trying to figure out what it means to secure connected vehicles across the U.S. infrastructure. From that perspective, from the work perspective, it became very clear that there are a lot of challenges. People weren’t going back and applying the fundamental principles… The risks were growing significantly.

We saw that there were many points of integration, that seemed to be opening up between all of these different technologies. For example, a vehicle in today’s world might be started with a command, you might say ‘Lexus, start my vehicle.” That’s sort of an integration point, it might integrate with your net thermostat. That’s an integration point into a cyber system that has the ability to cause harm if it’s taken over from a control perspective. The risks are significantly high and they’re getting higher as more things get integrated with other things.

The other side, the volunteer work that I do, the Internet of Things Working Group, we’ve been looking at this since 2013 or so, trying to put together some community driven thoughts on how an enterprise might go about securing and IoT implementation, sort of a systems to systems implementation, and then how a product developer might go about securing their IoT-based connected products. I look at that and got together with my co-author Drew Van Duren and said it probably makes sense to go ahead and formalize this and put this together into an actual book.

RW: It looks like your book was written for engineers, programmers and network admins working on the technical aspects of IoT.

I think you’re right, we tried to abstract it as well, but we wanted to provide practical guidance that people can use when they’re designing their IoT systems.

RW: In chapter one, you talk about IoT data collection, storage, and analytics. Thinking about the future of IoT, how big a role will data collection play?

There are a lot of different potentials there. One path you can think through is already starting to show itself. If you look at, I think there was a murder investigation just a couple of weeks ago and the local law enforcement was trying to get access to the transcripts from the Alexa, from Amazon’s Echo device.

That shows you that you have devices in a smart home for example, in some instances, back with the some of the smart TVs that were always listening. Definitely, in the Echo case, it’s always listening for the implication word… What is the legal stance as far as how a law enforcement official might gain access to that transcript from Amazon? Almost like the old subpoena from the telecom providers. Are they going to go and do this to Amazon when there is a case that opens up and they might be able to figure out details of the case if they get transcripts.

This sort of goes to the ubiquitous monitoring of IoT, the nature of the IoT, where you always sort of being watched and I think eventually we’ll get use to that. It’s going to be interesting seeing what happens from the perspective of law enforcement that wants access to these things. Another example, it hasn’t come to fruition yet, but everybody has cameras on these houses now, camera on their backyard. If something happens in front of your house or on your property, is law enforcement going to subpoena the video images? What if you don’t want that to get out from a privacy perspective? I think privacy sort of a really interesting area to think through when it comes to this sort of data collection of IoT devices. You can make the same case for smart health devices that are always collecting your biometric data about your heart rate. These things are going to get more and more advanced. The data that’s collected is going to be able to show, a profile of your activity, and your sort of overall health and well-being, and do you want this data or the inferences from that data to be made available to people that you don’t know.

Your healthcare provider is sharing that with your insurance provider. On the insurance side, what are the ramifications when we talk about not only health care but also sort of vehicle insurance. Nowadays you can go out to target and buy a device that will hook into your OBD2 port on your vehicle and collect information about how fast your drive and that’s going to be standard stuff in the connected vehicle area. What happens when the insurance company starts getting a hold of that data that’s being collected about you? They can make real-time decisions about what you rates are going to be — can they deny coverage?

It’s going to be real interesting to think about from a legislative perspective. I talk about the security guys being behind the curve, of technology, it’s the same on the legislative side. Are lawmakers going to have to figure out what laws they have to put in place to protect your rights as a consumer, not only from a privacy perspective but also from the perspective of this not having your insurance taken away because the insurance company figures you’re not as healthy as you said you were or you’re driving more than you said you were.

RW: When we look at IoT devices, it seems like a lot of devices are being enabled without any security mechanism in place. The manufacturers are creating and then at the last moment, an IP stack is placed on the device. What is your take on this?

BR: I think that’s right. IoT security is similar to regular information security that we’ve all sort of grown up with. If you think about the software industry, they’ve had many years to secure their security practices, and if I’m a refrigerator manufacturer I haven’t had a need to figure out how to prevent people from hacking into my computer capabilities, or If I’m a vehicle manufacturer, similar circumstances, or whatever it is, if I’d a manufacturer of some sort of product, physical product, I haven’t had to make sure that people don’t have to hack into my light bulb, that I’m putting out onto the shelf. It’s a matter of catching up again from a design perspective, understanding that if you put something out there that has the ability to connect to other devices or to the Internet, there is risk involved and you have to figure out how to mitigate that risk.

You pair that with the startup community who has no real motivation to embed real security engineering into their products, they’re interested in getting things to market… The other aspect is that there is talk all over that there is a shortage of skilled security people. On the market. If I’m a startup or legacy product manufacturer, it’s going to be hard for me to go out and recruit the people I need to build a good security team, so that I can tackles these issues internally, it’s this perfect storm of different mindsets and issues that are keeping people from succeeding and applying proper security controls, to their devices.

The FTC recently came out against manufacturers of connected devices and are bringing a lawsuit against a manufacturer. I can’t remember who it was, and so now, if you start to see some government enforcement you might see some a mindset shift from these IoT manufacturers where they have to go the extra mile to get things right. We haven’t seen that from the government until very recently.

RW: On connected devices in the home, what kind of implemented security can we expect to see on these devices in the future.

BR: I think, for those sort of devices, you’re going to have to lean on the protocol specs themselves because bolting on additional security features to an air conditioner that has to talk to a thermostat, if that involves any sort additional configuration for the home user it’s probably not going to happen or not happen correctly, because from the consumer IoT realm, it’s an interesting challenge. Usability is extremely important, there is always this tug of war between usability and security, but on the home market, it’s not going to be used, if it’s too hard to configure. If you have to go in and manually enter a hex string of key characters into a light bulb every time you install it, that’s gonna fly.

As so, you fall back on the pairing processes of some of these protocols like ZigBee, Z-Wave or Bluetooth. And those communication protocols have built-in security controls, where they haven authentication capabilities and confidentiality protections built into them at the link layer. You’re going to have to figure out the best approach to leverage those, protocols security stacks that are already existing for those types of devices.

RW: So who needs to purchase your book?

BR: I would say anybody who is trying to put together complex connected systems. Systems that talk to each other, systems that work together autonomously, for critical business functions or critical mission functions. That’s what the book was designed for anybody who is responsible for getting these connected devices incorporated into their enterprise. I would hope would benefit from this book right now.

The post Brian Russell discusses his new book and trends in IoT security appeared first on ReadWrite.

From: Doc Emmet Brown

To: Marty Mcfly 

Dear Marty,

If my calculations are correct. the last time we saw each other was the year 1985. Ten years later, in the year 1995, you’ve followed in your father’s footsteps and become a science fiction writer.

Marty, I am writing to alarm you about a major disturbance in the future of technology. This technology will derail the ubiquity of flying cars, self-lacing Nikes, and hoverboards.

The very technology that you’re using for the first time in 1995, the internet, yes my dear Marty, it will alter the future of mankind in ways you can’t imagine! Great Scott! Marty, you currently use your phone and a modem to access the internet. In the future, twenty years from now, we will be on the dawn of an era where every device around you will access the internet. These devices will talk to each other! You don’t understand, but this is the dawn of IOT aka Internet of Things. Your car, your phone, your air conditioner, each device will have the capacity to talk to the “smart” devices around it.

You don’t understand, but this technology is IoT aka the Internet of Things. Your car, your phone, your air conditioner, each device will have the capacity to talk to the “smart” devices around it.

Marty, I risk this automated email because I know that when it finds you, you’ll have the ability to avoid the mistakes that other science fiction writers made when writing about the future. I’ve listed several well-known science fiction films. Some titles you may or may not know. I’ve taken the time to provide you a synopsis of each and how IoT technology will impact each!

Blade Runner – Based in 2019, set in a dystopian Los Angeles that feels like Hong Kong sprinkled with flying cars and buildings shaped like pyramids. A group of androids that resemble human beings are trying to find their creator before their batteries run out and hopefully get some re-engineering for a bunch of 1-UPs. Unfortunately for Phillip K. Dick, androids don’t dream of electric sheep and the IoT world which is upon us would have tagged these human-gobots wherever they roamed. The replicants wouldn’t have been able to fit in and the global tracking network would have told on them wherever they went, making Deckard’s job much easier. Even if Roy Batty made it into the elevator with JF Sebastian the emotion recognition system would have sensed that something was terribly wrong, never allowing them to continue to Dr. Tyrell floor. No late night chess.

Minority Report – In the year 2054, future crimes aka Precrimes are monitored and foretold by a trio of Ms. Cleo’s known as “The Precogs,” who proactively work with law enforcement and the film’s protagonist, John Anderton to prevent crimes from happening in the future. An IoT world will eliminate the need for Precogs or a Precrime unit! Emotions like anger will be monitored and reported to the emotions department of the local law enforcement who will track and interact with IoT devices around you to prevent you from committing crimes. Thinking about killing your wife’s secret lover? Forget it. Your smart car won’t allow you to drive to his home until your anger levels have decreased.

The Matrix – A hacker named Neo is recruited by a group of humans who’ve broken free of the digital matrix controlling humans in the future. IoT will place us in a matrix and it will be almost impossible to escape. We’ll connect to the IoT matrix by the devices and machines in our environment, learning, reporting and calculating our every move. This story should be rewritten and feature Neo as a human who simply doesn’t want to have his every action monitored and reported. Regardless of what pill you choose, that day is coming.

Terminator – In the future year of 2029, an artificial machine intelligence, a computer system known as Skynet, has taken over the world. The humans who rebel against Skynet are led by John Connor. In the film, Skynet will send a Terminator, a killing robot, to the past to find and kill Sarah Connor, the mother of John Connor — before he’s born. In an IoT world, a revolt will be futile. Each human will be digitally marked and regardless of where you go, you’ll interact with devices that know you, report and share data about you. Marty, there will be no resistance. IoT is the future. IoT is Skynet.

I realize that these words may come to you as a surprise. In the year 1995, you’re just getting familiar with chat rooms and it is hard to put faith in an Internet that connects machines to one another, an Internet without modems and more importantly, without AOL.

However, 20 years from now, this will be so. Work hard. Write well Futureboy, and know that every device in Hill Valley will one day connected to the internet.

P.S. — Our trip to the future altered the future of baseball! The Cubs won the World Series a year later! Great Scott!

The post How IoT could radically change your favorite sci-fi movies appeared first on ReadWrite.

Donald Trump has now been sworn in as the 45th president of the United States of America. Along with his administration, the new president will usher in a number of drastic changes — specifically in the area of telecommunications and the world of IoT.

There is a strong possibility that the new White House administration wants to dump “Net Neutrality.” How does this impact IoT?

The dream of an open Internet

By the time you read this, Tom Wheeler, the 31st chairman of the Federal Communications Commission (FCC), will have resigned. This is significant to both consumer and commercial Internet users because the concept of net neutrality may be a thing of the past. What is net neutrality?

Without getting too technical, net neutrality is a policy enforced by the FCC that prevented Internet Service Providers (ISPs) from prioritizing certain internet traffic over others. Back in February 2015, Tom Wheeler spoke on the FCC’s master plan, and it sounded like this:

“While some other countries, try and control the internet, the action that we take today is an irrefutable reflection of the principle, that no one, whether government, or corporate, should control, free and open access to the internet. The internet is the most powerful and pervasive platform on the planet. It’s simply too important to be left without rules, and without a referee on the field. Think about it, the internet has replaced the functions of the telephone, and the post office, the internet has redefined commerce and entertainment, and as the outpouring of four million Americans has demonstrated, the internet is the ultimate vehicle for free expression. The internet is simply too important, to allow broadband providers to be the ones making the rules.”

Technically speaking, data can be manipulated. Internet service providers use high capacity routers with software that can control data based on IP addresses or content, using Quality of Service or throttling specific data.

Does the new FCC chairman want to end net neutrality?

By the time you read this, there is a strong possibility that Donald Trump will have selected Ajit Pai to be the new chairman of the FCC. Ostensibly, Ajit wants an open internet, but the FCC commissioner doesn’t support net neutrality that was enforced by his predecessor — a policy which he believes impedes investment, innovation and job creation.

Speaking on his view of net neutrality, Ajit said “My concern, my sole concern is what is going to deliver a better consumer experience in the digital age, and I truly believe removing some of these regulations, impeding IP-based investments, getting rid of these antiquated regulations is the best way to promote competition, and promote consumer welfare, not these over the top 80-year-old regulations that have been proven not to work…”

If the new chairman of the FCC decides to dump net neutrality, your ISP can prioritize specific traffic over others. For example, if your provider wants, they can give priority to streaming video over other data, perhaps slowing down your service in certain areas. Or if your company has contributed to certain political campaigns, you’ll increase the likelihood that your service will see improved performance or end users will experience faster access to your website.

The death of net neutrality will severely impact IoT solutions which rely on an open internet concept. Degradation of service for connected devices can impact the burgeoning technology. A technology that needs scalability to thrive.

In addition, there are members of the Trump administration that want to reassign certain FCC duties to the Federal Trade Commission, The Young Turks reported the following “Besides restructuring FCC bureaus, the majority of the transition team wants to ‘eventually move functions deemed duplicative,’ like, say, competition and consumer protection, to other agencies, particularly the Federal Trade Commission…” 

What happens to IoT?

Does the end of net neutrality mean that IoT services will be severely degraded and impacted? Quite possibly. Before resigning, former FCC chairman Tom Wheeler specifically noted that the Internet of Things was dependent on the openness of the internet. A future where ISPs can prioritize traffic can have huge implications for IoT devices and how they’re engineered in the near future.

By the time you finish reading this article, the is a strong possibility that major ISPs are planning for an end of net neutrality policy, which means that IoT companies will have to adapt and possibly redesign their solutions to function in an internet that is no longer open.  

The post Could the end of net neutrality mean the demise of IoT? appeared first on ReadWrite.

When you think of real estate and technology, the last thing that may come to mind is an augmented reality (AR) phone app that mimics the gameplay of Pokemon Go and allows you to find apartments in your area that have been haunted by ghosts.

Sounds unrealistic? It’s just a prime example of how the real estate industry is taking advantage of augmented reality technology.

Augmented reality: more than Pokemon Go

Thanks to Pokemon Go, 2016 was the year that the world paid attention to augmented reality. Beyond catching Pokemons, what is augmented reality?

Armand Valdez, a video producer at Mashable, provided a definition of augmented reality and how it is currently used, saying:

“Unlike the full immersion of virtual reality, augmented reality aims to make the world you already see, so much cooler… Augmented reality is when digital information is overlaid onto the actual physical world. Your camera detects a target image and can figure out how close, how far, and at what angle the target image is from the camera using sensors. It then projects digital information onto that target image and voila — augmented reality… Some of the earliest uses of augmented reality were the head-up display on fighter jets, allowing pilots to see important information projected in front of them on their windshields. This technology eventually made its way to automobiles, and even your eyeglasses with Google Glass.”

How AR and real estate work together now

Whether it’s an app on the phone or on an iPad, Augmented Reality provides real estate professionals with the ability to showcase properties, buildings and apartments from a 3-D perspective, all of this would have been done on flat print materials in the past.

With a touch of a button, clients can visualize changes to a property by modifying the color of a wall or by adding a piece of furniture from an Augmented Reality app perspective.

One innovative company named Spacious, based out of Hong Kong, took advantage of a local superstition in which locals do not like to occupy properties in which murders or unfortunate deaths have taken place. The result? These properties which are believed to be haunted, are listed for significantly less.

In the wake of Pokemon Go, the Spacious team added an A/R feature to their app which allows apartment hunters to find these haunted apartments while catching ghosts.

Asif Ghafoor, the founder, and CEO of Spacious spoke on the functionality of the app saying;

“We’re trying to make the process of finding property, for buying or renting easier, this is an important factor that people look at in this part of the world, one that influences the price of that property… When you first open the app, what you see is a map with all the listings, all these little ghost icons are showing the things that happened. In the J Residence, there’s a very famous incident that took place there, and when that property came back on the market, it ended up renting for fifty percent discount…”

Other client-based apps like LUX AR, which provides potential clients the ability to locate properties using their GPS, while HOMESNAPS‘s app provides information about a property after a photo has been taken.

Experts in the real estate industry expect augmented reality to have a huge impact over the next several years, some predicting as many as 2.5 billion in real estate applications by 2025. Whether it is servicing a potential client looking for a property, a realtor showcasing a location or a construction worker visualizing changes to blueprints, augmented reality will have a lasting and sustained impact on how business is done in the real estate sector.

The post How will augmented reality impact the real estate market? appeared first on ReadWrite.

Whether you’re a programmer working on an IP stack for an IoT-enabled device, a director trying to figure out how to integrate IoT technologies into your company or a consumer who is new to smart technology and wants to understand IoT basics, there are several books on the market that can help you get the information you’re looking for.

In no particular order, here’s a look at some of the most useful IoT books on the market.

The Second Machine Age: Work, Progress, and Prosperity in a Time of Brilliant Technologies

Written by Erik Brynjolfsson and Andrew McAfee, this book offers a look at how IoT technology is currently being used and makes predictions about the near future.

See also: Our (info)graphic, short history of the industrial IoT

Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts

Penned by Nitesh Dhanjani, a respected data security expert who has written several books on network and Unix security. Unlike other books that deal with theory, Nitesh deals with specific scenarios. Excellent for network administrators and data security professionals.

The Amazon Way on IoT: 10 Principles for Every Leader from the World’s Leading Internet of Things Strategies

This book by John Rossman, a former executive of Amazon, is aimed at directors and managers who need to understand how to make IOT solutions work for their company. In addition to predictions about the IOT future, John provides case studies on how IOT is currently being used.

See also: John Rossman discusses his latest book

The Fourth Industrial Revolution

Written by renown economist Klaus Schwab, this book looks at IoT and several technologies that will have a significant impact on society.

The Silent Intelligence

Penned by Daniel Kellmereit and Daniel Obodovski, this book provides readers with a background on connected devices, the current state of IoT and a glimpse of how the technology will play a part in various aspects of our future.

The post 5 key books to put on your reading list to understand IoT appeared first on ReadWrite.

Seasoned technology writer Michael Miller spoke to ReadWrite about his latest book The Internet of Things: How Smart TVs, Smart Cars, Smart Homes, and Smart Cities Are Changing the World.

During this conversation, he discussed current IoT practices, implementations and made some useful predictions of how consumers and businesses will be impacted by this emerging technology.

Whether you’re a seasoned technologist interested in IoT or a consumer who wants to know more about the smart devices in your home, you’ll definitely want to read this interview.

READWRITE: What was the impetus for this book?

Michael Miller: My publisher and I are always looking for new topics to write on, trying to get ahead of some these topics. In the past, I’ve written about Cloud Computing and Bluetooth, and technologies like that before they became big. My Bluetooth book came out ten years ago and my Cloud Computing book came out five or six years ago. We always try and get ahead of the trends and sometimes, we hit some that are actually hot and sometimes we don’t. We did this book about a year ago. The Internet of Things certainly was trending then, still is today. That was really the impetus.

RW: When you compare the latest wave of technology with the technology we were exposed to in the mid-nineties, what’s the biggest difference?

MM: The different thing with the Internet of Things is that it is an internet of things as opposed to a people. The internet that we’ve been use to since the mid-nineties, even though it is technology and even though it’s bits of code, and that sort of thing. It’s all designed for person to person interaction. Even when you go to a website, that’s something you’re doing personally as a human being. Whether you’re talking Usenet back in the day or the world wide web, or social media. These are all personal interactions on the internet. With the Internet of Things, you’re really talking about devices interacting. Not people. In fact, smart devices actually making decisions in lieu of people making decisions. This is more of an internet infrastructure in the background as opposed to being in consumers faces. It’s all these little bitty devices, billions of them worldwide, talking to each other, making autonomous decisions, without human interaction. The current internet that we use is the internet of people. The new internet is the Internet of Things.

RW: In chapter 2, you spent a significant amount of time discussing data harvesting and analysis. A number of devices will potentially learn about humans and potentially make our lives better. Doesn’t this also introduce a ton of security risks?

MM: Yes it does! There are a ton of security issues with the Internet of Things. And we’ve already seen some issues. We’ve seen, a month ago, there was a big internet attack, a DOS attack on some websites. It was not the typical DOS attack which is done by computers or zombie computers on a botnet. This was actually propagated by Internet of Things devices, thermostats and things like that. Hackers got into these devices and used them to create a big botnet to create a DOS attack on these others websites. That was the first time that happened. You’ve got security issues in terms of hacking into the devices themselves and using them either to go offline or to do malicious stuff like a botnet. You also have security issues with all that data that’s collected. There’s tons of data. We’re talking about data coming from your thermostat and data coming from your lighting system. Data coming from how much water you use in your house. Data coming from your car, data coming from the hospital, data coming from the grocery store, all this data is going to be out there and we’re getting smarter systems and smarter algorithms to do stuff with that data. Unfortunately, systems can be hacked. They always have been, whether you’re talking about Yahoo, with a billion accounts hacked recently, or banks getting hacked or Target getting hacked a year ago for their customer data. All this other Internet of Things data which is an order of magnitude greater than what we’ve seen in the past, that can be hacked. It gets worse though when you consider that many of the manufacturers who are getting into the Internet of Things and creating devices and building the systems. They don’t necessarily have a computer background. Ther person who’s building your smart thermostat or building your smart TV, they don’t necessary think about data security the same way you and I do in the computer industry. There’s nothing, there’s no firewalls, therés nothing in a lot of these. Not in all of the things mind you, some of these companies are conscientious but a lot of them just don’t know it. They’re not part of the industry, they haven’t been exposed to it. So their devices are much easier to hack into, than your computer or your smartphone or my smartphone. The mind just kind of boggles, you’re going to have all of this data out there, all these devices out there, built by people who are not taking security in mind. If you have a smart car out there, a smart driving car out there, somebody is going to hack into your car pretty easy. People have hacked into smart TVs, people have hacked into smart thermostats and this sort of thing. The security issues are mind boggling and unfortunately. We’re going to have more because the people who are making these things just are not thinking security first like the computer industry typically does.

RW: Do you think the general public is ready for IOT?

MM: Some people are some people aren’t. It’s always a sliding scale. There are some people who are going to jump on early, some people who are going to be dragged along a little bit later, but when you look at how part of the Internet of Things that consumers are going to interact with. It’s almost like the consumer Internet of Things, typified by the smart home and devices in the smart home and then the industrial Internet of Things. The power company and the city and all the things on the grid trying to operate in the background. You and I, or the person reading my book, the average person out there, they’re going to see and interact with this consumer Internet of Things and they’re going to do it with smart light and smart thermostats, with smart garage door openers, smart appliances and smart TVs and there’s a ton of these things being sold already, the technology has advanced quite a bit from when I wrote the book and advanced in a way, that what has to happen for the average consumer to buy into it is it has to be easier to use and it has to be cheaper and that is happening. If you look at a device like the smart thermostat, they’re easy to use, easy to connect, the smart lighting systems are very easy to use, the price has come down tremendously over the past year or two and the smart security systems with smart doorbells and smart door locks and that sort of thing, those are the three things that are driving them in the home and in all of those cases the price is coming down, they’re getting easier to use. If you go back a couple of years, a lot of these devices used proprietary wireless technology throughout their network and they didn’t talk to each other, now everything at least on the consumer end of things is using WIFI. Everybody has a WIFI network in their home, and they’re getting so that the different systems can now connect to each other. They’re not so siloed. This brand can talk to this brand, you also have the smart controllers like Google Home and the Amazon Echo and Apple is supposedly working on one also. It makes it a lot easier to centralize and control all this stuff in a hub… You set it there, it connects to your wifi network all your other smart devices in your home, your thermostat. Connects to the same hub, you control it with voice control. That’s incredible ease of use, it’s a lot cheaper than it use to be, it’s easier to hook up as that trend continues, you’re going to have more and more people jump onto it. To automate simple home activities.

RW: One of the things I liked about your book was that it is a good balance, a high-level overview on IoT, but simultaneously somewhat technical. Who was your target audience?

MM: I think that I was targeting the average consumer. Someone who doesn’t necessarily have that technical background, but someone who does have the interest. So you almost got to assume that people reading the book are interest in the technology, they’re going to have a little bit of a technical background probably. It’s not a highly technical book, I won’t pretend that it is. This doesn’t get into the ins and outs and the bits and bytes of how to connect this mesh network to this sort of thing, It is more of a general overview what’s available in different areas and what’s coming in different areas anybody with an interest in it. Whether or not you have a technical background…

RW: Within the next five years, from an IoT perspective, what kind of experience will users have in the home?

MM: I think we’re going to see an extension of what we have, I think we’re going to have the home lighting systems come down in price, they’re still a little pricey as opposed to going out and buying a light bulb. I think we’re going to see the pricing come down on all of this, we’re already seeing the ease of use come up, and now I think we’re going to see it extend into other devices and into other uses. The one I’m looking for is smart irrigation systems… Think what you can do with an Internet of Things and a smart irrigation system. You would have sensors in the yard to tell you when it’s irrigated enough, when to turn off so you wouldn’t have to even think about that, you could program in things, like my neighborhood association says I should only water on odd days to conserve water, but it would also connect to the broader internet and look at things like the weather forecast. If it’s supposed to rain tomorrow than it probably doesn’t need to turn on tonight. That’s something I can’t do with my system right now, but that’s something that can be done totally automatically totally autonomously. It would make for much more efficient water use, that would be an excellent use of the Internet of Things. We keep talking about it but I haven’t seen it yet, intelligent garage door openers. When you’re approaching the house, it would know to turn on the lights, it would also know when you’re leaving the house. Then we’ll go ahead and start the washing machine or the dishwasher. and make sure all of the lights are off. Just look at what you do in your house .and how much of that can be done without you? How much can be automated? There is quite a lot. Even the stuff that we’re doing now can get more advanced. The home lighting systems can get much much smarter in terms of knowing when you’re going into this room or if you go into this room, you always turn on a TV, or the radio or whatever, wére approaching that, we’re getting some intelligence in this stuff. We’re really at the infant level. You look at what’s there and kind of extend it forward. with a little price and look at the other stuff in the house the irrigation system the garage door, the smart appliances — we’ve been talking about smart appliances forever, but there’s still kind of dumb. They haven’t really found a good use for them. That will change also, all of this as the technology becomes more familiar, more advanced the systems become more uniform, there’s a lot of stuff we can use the Internet of Things for, to make our lives easier. And also in the case of household appliances, energy, water…

RW: In chapter two, you discuss profiting from IoT, what did you focus on there?

MM: In terms of making money from IoT, that’s done by the companies who are making the devices or putting together the systems, the software on the back end, when you think of the Internet of Things, a lot of it goes straight to the technology, behind the scene is all of the soft stuff, and that is the systems that control all of these things as well as all the data it collects and how you use that data. In fact, the biggest profit from this whole thing may be the data…

RW: Do you think data will be a commodity?

MM: That’s going to vary from manufacturer to manufacturer. And what consumers will accept in terms of how their data is used. If you are Google and you’ve collected all this data from your net thermostats and from your Google Home, that data is valuable. Google may not want to sell it. Another company might. If you have a smart router, they might be collecting a lot of data about energy. You can soft roll that data, and there’s a lot of money can be made or selling data for various purposes. I think that’s a huge profit center. Just writing the software devising the systems to deal with the data, to deal with the devices that huge behind the scenes revenue generator.

RW: Who really needs to purchase this book?

MM: The book was really targeted towards consumers but anybody in the industry who’s thinking of getting into the Internet of Things, or for that matter, when I say consumers that also means businesses and corporations who are thinking of incorporating technology also. If you run an office building you ought to be looking at incorporating the Internet of Things to make your building more efficient. You’re heating and cooling. Your communications, etc. If you don’t know what’s available, this book is a very good start into finding that out. You’ve consumers at home but also consumers in the business world also. You look at the smart heating and cooling systems that could have a huge impact on a company’s bottom line, much more than it might have in my house, how you can cut your cost by being smart about it with the Internet of Things.

RW: One more question, are there any current uses of Internet of Things that impressed you while researching your book?

MM: It’s all impressive. We’re kind of at the infant stage. on all of this stuff. A lot of it is just — What can we do with this? One that I particularly find is the use of the Internet of Things in hospitals and the medical environment. My wife was in the hospital for a few days a month ago… I’m sitting looking in the hospital room, and she’s hooked up to this device for her blood pressure and her heartbeat and this other device for her lungs and this other device for this, and none of these devices talk to each other. In fact, none of these devices send information to a central source. If my wife moves from this room to the next room, that information that the devices in the first room collected and not transferred to the second room. So the nurses have to go in and write all this stuff down manually It’s ridiculous… Take all that data, all those devices and connect them to the other devices in the hospital, a central source, so that when my wife goes from this room tot his room, her data goes with her. Then we start thinking, not just in the hospital, but what if that data is transferred to her doctor’s office. And to the specialist office, that she goes to the next week. Right now these are totally separate systems… In The medical community, everything is separate. By connecting it all together, think how much more efficient it would be but just how it would improve the health care for the patients. This is a huge opportunity that I see, that is happening, slowly but surely but will speed up and revolutionize the industry and the health care for you and me.

The post Interview with Michael Miller author of The Internet of Things: How Smart TVs, Smart Cars, Smart Homes, and Smart Cities Are Changing the World appeared first on ReadWrite.

John Rossman is a managing director with the global technology consulting firm Alvarez and Marsal and a prior executive with Amazon. An influential digital strategist with over 25 years in technology. He spoke ReadWrite about his latest book  “The Amazon Way on IoT: 10 Principles for Every Leader from the World’s leading Internet of Things strategies.”

During the interview, John provided insights on IoT and reasons why corporations need to understand this emerging technology. He also shared examples of how the technology is currently being used and how it might be used in the future.

ReadWrite: I think your book offers a unique angle on IoT. It looks a little bit different than other IoT books on the market. It seems like more of a high-level book, but at the same time, you’re applying the principles that you’ve utilized at Amazon and also some of the principles you had written about previously. Can you describe the impetus for the book?

John Rossman: The impetus for the book was a number of different factors. I had the opportunity to do a few client engagements where we were helping to frame and understand what the opportunity was for IoT in their business. What I found was, there was a lot being written in very segmented use case ways of IoT and how it was impacting and really big predictions about the number of sensors, etc, and there’s a lot written in the technical space. But there was nothing that really helped you answer the question ”How should IoT impact my business and how do I go about evaluating the potential for IoT in my business?’ I thought ‘There’s a customer segment that needs to be served, because that’s an essential question that every business leader needs to be asking themselves.”  Then as I started to frame out ‘How should a business leader think about IoT in their business? What are the different models? Every model, every principle, every strategy, one of the best use cases was always — What was Amazon doing in that space?’ And then I looked at ‘What can I write about and think about authentically?’ So those three, factors came together for me and that’s why the book is for business leaders who really need to evaluate ‘What should my IoT plan be?’ I told the story through the lens of Amazon and other great companies to demonstrate the different strategies that IoT can have for a business and leave the user for a set of questions to ask themselves on each strategy. Is this potentially a strategy for me or not?

RW: Can you describe IoT? I really don’t think the general public or companies really understand how IoT is going to impact their immediate future.

JR: I think of IoT in kind of three layers. On one layer, IoT is a set of technical capabilities. It’s sensors, it’s connectivity, it’s cloud computing, it’s analytics and algorithms. All of those things being stitched together. On the next layer, IoT is kind of the use cases and scenarios that it can enable in terms of whether it’s a connected health scenario or list avoidance or any of the great IoT use cases that we hear. At the top level, IoT is really a core business strategy enabler. And that’s where I think leaders need to really start in their thinking. Understanding how can IoT impact my customer’s experiences. How can IoT drive the next wave of operation excellence within my organization and how can IoT help me build new business models and new service models in innovative ways. IoT is really all three of those things. On one layer it is a set of technologies and as you said, it’s many different technologies kind of integrated together for any one scenario.

RW: Years ago, Bill Gates, in his book “The Road Ahead,” he predicted IoT. He talked about handheld devices communicating with the environment. He also said that there was a division between eras. There was a division between the PC era and the Information Highway. Now, we’re on the cusp of the next era with IoT. Do you think the general public is prepared for this?   

JR: I think it depends on what level of impact. I think the public is ready for some of the maybe simpler scenarios and for the good things that can happen out of this and whether that’s like some of the scenarios that Amazon’s doing, like partnering with DHL and Audi so you can have a package delivered to your car from DHL. The public is ready for that. But I think, some of the under the waterline issues around the automation that this is going to open up and some of the privacy matters that are only going to be heightened and some of the security things that are going to happen. Good things come along with the potential for dramatic change and it’s going to be disruptive. I like the word ‘disruptive,’ because it kind of describes that it’s not all going to be fun along the way, and it’s going to cause challenges for individual and cause challenges for employment and it’s going to cause societal challenges, but we’re up to solving those things, but it doesn’t mean that it’s going to be easy along the way.

RW: In the first chapter of your book, you referred to IoT as ‘’A tsunami of opportunity and a threat.’’ Why is it a potential threat?  

JR: For two reasons, one is because of some of those under the waterline implications and challenges that we just talked about and also existing business models are going to be dramatically changed and that’s a threat to the establishment and traditional businesses. As much impact as digital models have had to date, I think that IoT is going to be the next wave of digital model and the impact and the speed of that oncoming wave is going to come even faster than the first digital wave has come at us.

RW: Let’s talk ethics. We’re already heavily connected. Now we’re in an era with smartphones and glasses that learn about us. Potentially, a decade from now, IoT will try and connect as much as possible. A person like yourself who has seen technology evolve, what ethical concerns do you have regarding IoT?

JR: I would say it’s not my area of expertise… I think that’s a big topic in security and privacy go along with that… As in most things with ethics there’s healthy debate on both sides of every topic. I think you really have to target that on a scenario by scenario topic. But the comment that I would have, when it comes to security or privacy, as it comes to legal matters. Those topics are not checkpoints that you do like ‘Hey I’m ready for launch of my IoT capabilities now, I’ll do my legal review or now I’ll do my privacy review!’ You really need to involve those and those are really core requirements that need to be designed from the very beginning of your strategy and your scenarios that you’re going to develop. Those are big and important topics and they need to be considered from the very beginning.

RW: In the first chapter, you mentioned that you were creating a roadmap to help leaders understand this technology. Within the next five years, in terms of transportation, health or entertainment, what kind of changes will IoT bring about? What kind of changes will we see thanks to IoT?

JR: I think that you’ll see on the transportation front, where kind of managed situations where automation has a dramatic impact and is a really viable solution. Transportation and commercial transportation in shipping and container yards, I think the opportunity for IOT both in terms of transportation that provides the overall monitoring and management is pretty great.

RW: In your book, you provided examples of how IoT is being implemented currently. Are there any case studies or recent examples that you’ve seen of IoT in use that impressed you or you thought was a very good sign of how the technology should be used?

JR: Some of the examples or use cases that I think are some of the most compelling is around worker safety and worker’s compensation insurance management. The nice thing is what everybody’s aligned when it comes to creating safer work environments. There are some really neat scenarios where workers are equipped with sensors to help measure the stress and strain that they’re putting onto their bodies to help avoid and measure workloads so that they can avoid worker’s compensation claims and that benefits everybody and when there are accidents or incidents that happened, the ability to have a better picture of what happened and better analytics so that those can be managed better, so that frauds avoided, so that subjugation is better managed is a real interesting scenario. I really like those scenarios involving worker safety and helping to operate in a more assured environment.

RW: In terms of when enterprise companies were introduced to the internet in the mid-90s, what’s the biggest mistake that companies made then, that they can’t afford to do right now with IoT?

JR: When the first e-commerce models were coming along, a lot of very smart people were very dismissive to the impact that that would have over time. I think retail is maybe the easiest one to look at. Today, e-commerce and digital capabilities is a significant piece of the overall retail environment, and it’s where almost all of the growth is. Too many companies dismissed it and sat on the sidelines and so my advice to companies even if now isn’t the time to go big in IOT or to change a business model based on IoT, you need to at least be paying attention and getting really smart on what are your competitors doing, what are similar industries doing, where are investments going on IoT in your industry and I would encourage you to start building some organizational capacities. Some smarts and abilities to execute on these models, because when it becomes late in the games, it’s going to be really hard to build those experiences and that organizational capacity. I think the mistake to avoid is to think that it won’t impact you and to do nothing.

RW: In closing, who really need your book immediately? Who benefits from reading this book right away?

JR: Anybody who’s in an organization who is in a position to be answering the question ‘What is our IoT strategy?’ Sometimes that’s in the business, sometimes that’s in the technology organization, sometimes it’s in the product and field organization. It can be in a lot of places, but anybody who’s asking that question ‘What’s our IoT strategy?’ I think should read the book.

The post “The Amazon Way on IoT” – John Rossman discusses his latest book appeared first on ReadWrite.