Achieving Security in the Internet of Things through Expansion of the Partnership Model

Abstract

There are countless connected devices and applications in the Internet of Things (IoT), in areas ranging from health to automotive and industrial, to energy, security, and logistics. Currently, a lack of security within the IoT presents significant cybersecurity risks, including the compromise of sensitive information and damage to infrastructure. As a way to overcome security challenges, this paper proposes expanding the current public-private partnership framework for cybersecurity to one that more effectively encompasses personal-level considerations. To be successful, this new public-private-personal partnership model will require simultaneous advancements in three co-equal domains: technology, policy, and society. Specifically, technology adjustments consist of upgrades to device access and authorization; policy adjustments consist of changes to cooperation regimes and regulations at the federal, state, and local level; and societal adjustments involve public education about vulnerabilities and changes in attitudes toward individual roles in security. In this research, we leverage two examples of emerging IoT applications: health monitoring and smart-grid. For each application and related sector, we outline the security challenges, discuss the shortcomings of existing public-private partnerships, and make recommendations for the expansion of existing partnerships to the personal level.