According to IDC, spending on the internet of things was at $737 billion in 2016 and forecasted to grow at an annual rate of 15.6%, reaching $1.29 trillion in 2020. That is not surprising, as forecasts projecting massive growth for IoT exist everywhere. While consumer IoT is often where the hype is, much of the current spending is in the enterprise, with manufacturing, transportation and utilities representing 44% of the 2016 spend (per IDC).
Another hyped market is big data. Also from IDC, spending on big data and business analytics solutions will grow by more than 50% from 2015 levels to more than $187 billion spent in 2019, with the big spenders in big data coming from the manufacturing and banking industries.
I don’t think there is much question that IoT and big data represent rapid growth and hype. I also don’t think many would disagree that much of the IoT and big data opportunity overlaps with each other. IoT is much more than connecting to a new sensor, device or thing, it is also a mechanism to collect and distribute data. This is something I wrote about last year when I talked about the opportunity for IoT in the enterprise:
“The value in this enterprise context is the potential for IoT to manage the interactions within this complex fabric of new sensors, gadgets, mobile devices, apps and old legacy applications and physical infrastructure.”
One interesting data point from the IDC research above is that much of the investment is happening in select verticals like manufacturing and banking. You can argue that manufacturing started doing IoT before it was called IoT. Manufacturing saw early on the tremendous potential to automate workflows across their manufacturing processes. The question is, once you get outside of manufacturing, what types of opportunities will there be in the enterprise for the intersection of IoT and big data?
The intersection of IoT and big data
This is a broad question, probably better to ask where is there not an opportunity. IoT, and the rapidly increasing set of devices, sensors and things, represent a tremendous opportunity to connect everything together, and there will be tremendous value generated by all of these new connections. The question then becomes what to do with all of the data generated by these connections? Will this data unlock new opportunities and help solve unsolved problems? And where does the typical enterprise organization start in unlocking this potential?
It turns out, the typical enterprise has started. According to 451 Research, 71% of IT leaders are already gathering data for IoT initiatives. A big advantage of IoT is the ability to easily collect data across all parts of the organization, including parts of the organization that historically may not have dealt with each other that much:
“IoT affords cross-industry and cross-silo interaction at a data level. CIOs must remember that data is ultimately platform independent and data science is also now available as a service.”
– Ian Hughes, 451 Research
Collecting the data is the easy part, putting it into use is the hard part. According to Forrester, only 33% of companies are leveraging the data they collect to inform any type of useful insight. I believe a reason for this is the data collected is still associated with specific silos within the organization. The real benefit of analytics to the enterprise will be leveraging data collected across the entire organization. Looking for new insights that cross silos, cross business units and connect competing groups.
In my interactions with customers, the characteristics I see in those most ready to take the leap into an enterprise IoT initiatives are those that have some sort of cross-functional technology user group in place. They have put in place the means for users, IT, operations, facilities, etc. to collaborate on solving complex business problems. IoT in many cases provides an easier way to solve those problems. The first step in putting IoT and big data into play for your organization is ensuring open lines of communication across all parts of your organization. The next step is figuring out which business problem to tackle. One area worth investing in is tying IoT and big data to your organization’s security strategy.
IoT and big data: Tools for enterprise security?
Looking at recent data from the Ponemon Institute, the vast majority of organizations feel that their existing security solutions are outdated. They expressed a need for a new IT security framework and that they are not fully prepared to deal with security risks related to IoT.
That same study also found that 70% of organizations believe that big data will be important to them in reducing security risks. To summarize, there is broad consensus among organizations that their current security approach is not appropriate, and that a new approach is needed. They also see big data as a potential tool to include in an updated security portfolio.
If IoT and big data can be a tool in your security portfolio, where is a good place to start?
Revisiting the Ponemon Institute security study, protecting access to apps and information is an area where current security approaches are not effective. Only 37% of organizations feel they have a good handle on protecting access to information on devices, servers or in the cloud. And only 40% feel they are effective in protecting their apps and data.
This is a problem that big data can help solve. To solve it, you will need consensus across your organization on what data you have access to, what you are looking for and the goal for your insights. Analytics can track when your most sensitive applications are accessed. This can be combined with other access events, like when employees badge into building access, where they are at when they use a smartphone to check email, and when they access even more mundane apps like email. This gives you a picture of common access patterns, and allows you to trigger alerts when access patterns do not follow the norm.
A common example often used is the physically impossible access event. Like when an employee checks their email in a Starbucks in New York when at the same time there is a building badge in access event in Boston. That could mean compromised devices, badges or credentials. Also useful is understanding typical usage patterns for access to sensitive information. An employee suddenly accessing sensitive information from a network or cloud location late at night on a Saturday potentially indicates stolen credentials, or perhaps malicious activity from the employee. Applications themselves may abruptly start sending information to other locations and applications in an abnormal way. Knowing the difference between normal or abnormal access activities should be a big part of anyone’s security strategy. And big data and machine learning enables this by illustrating the overall access patterns for your employees and your applications.
Where does IoT fit into this? Remember, the enterprise definition of IoT mentioned above is managing interactions in a complex fabric of data, devices, things and applications. IoT can feed the appropriate data from multiple sources across your entire organization to your big data analytics solution. Additionally, IoT can close the loop on your security approach. Big data combined with machine learning is good at offering descriptive analytics on what is happening now, or predictive analytics on what could happen. However, actions based on the results of that analysis will not happen without some sort of workflow. IoT closes that loop by triggering workflows and acting on alerts based on what the analytics is telling you. Examples include automating the revoking of access or triggering the monitoring of access for further observation. IoT makes it easier to trigger workflows across different systems managed by different teams throughout the organization.
We know current enterprise security strategies aren’t working, but combining IoT and big data will move businesses in the right direction.
We know most enterprise organizations are not satisfied with their current security approach. And we know that most are investigating and collecting data for IoT initiatives. Combining these sentiments is an opportunity area for the enterprise to improve their security posture. The good news is there are plenty of tools out there for you to leverage. And you don’t have to start with an expensive set of tools. You can start small by using IoT and big data tools to correlate when physical and virtual resources are accessed and how they communicate with each other. This by itself helps to inform your security strategy, providing guidance on appropriate and inappropriate access patterns throughout your organization. And it is worth noting, hackers are also using big data and IoT automation to improve their attack techniques. This infers a real risk falling further behind in your security strategy if you don’t find ways to put IoT and big data to use.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.