The Internet of Things(IoT)devices have grown in numbers and significance dramatically. However, the tremendous ease of access to information, quick data sharing, and extremely low accountability are making them vulnerable in the realm of cybersecurity.  It came into the prominence around 2010. Gartner included it in the list of ‘hypecycle for emerging technologies'. As a concept and technology, IoT became the prime focus of discussions in conferences & seminars. The expansion has been extremely rapid were over 10 billion are connected to IoT devices as of now. Thus, the number is estimated to reach 22 billion by 2025. Most of the objects that drive our daily lives can be connected to the internet by allowing for transfer, sharing and collecting data & information.

The inclusion of sensors in these objects has made them digitally intelligent and smart. That is all that is required to have access to data and information in realtime. Mobile technology, cloud computing, and analytics have helped push the envelope. The critical advantage of IoT is that, it makes operations efficient, less time consuming, and it is streamlined, so it reduces human involvement, enhances productivity, decreases costs, and helps to adapt the changing technological environment. However, this easy access to data makes private data less secure and the vulnerable devices turn into routes to enter a network & launch cyber attacks. Cyber attackers are taking this route more often, with F-Secure finding a three fold rise in cyberattacks on IoT devices in their report `Attack Landscape H1 2019'. A few common forms of attacks on IoT devices are social engineering attacks, botnets, denial of service & distributed denial of service, zero day attacks, and man in the middle. The concerns were raised by experts and industry leaders at a session of the 27th Convergence India 2019.

"The software on the IoT devices is often not updated and patches are not regularly pushed out & installed"

Largely, IoT devices are susceptible because they lack the essential built-in security to counter threats.  Hence, users contribute to the devices' vulnerability to threats. Let us see what makes IoT devices the vulnerable element in the security chain,

·Device Supervision Issue: There is a high risk and chance of hostile IoT devices getting installed in a network without authorization. There is not much audit or regulation done on the IoT devices present in the network. The lack of device management equates to lesser visibility of the network. This makes the network vulnerable and susceptible to potential cyberattacks. Healthcare is probably the only sector where there is proper management of IoT devices.

·Heterogeneous Makes it Complex: A plethora of devices get installed and incorporated into a network every day. It may be printers, surveillance cameras or smartwatches. They have different sensors, operating systems, and original equipment manufacturers. In such a scenario, standardization of security operations is difficult.

·Not Regularly Updated or Patched: The software on the IoT devices is often not updated and patches are not regularly pushed out & installed. That exposes the network's security and creates an ideal condition for the bad actors to swoop in & exploit the vulnerabilities.

·Data Breach: Transfer of data & information between IoT devices, information occurs all the time, and the data is collected & analyzed to develop insights. With devices lacking optimum security safeguard, data can flow and gets stored at unknown locations. That allows for a hostile device or system to access the data and information, by exposing critical and sensitive information.

·Weak Passwords: Many IoT devices have weak passwords which make it quite simple for the bad actors to break into the devices and launch an attack on the network.

Conclusion
You may have the necessary security tools to monitor your environment or you may need to look into a better way of securing your IoT devices. Early intrusion detection has always been one of the best ways to avoid the worst security incidents. It remains true in the IoT era  as well.