JUL 12, 2020 | GLOBAL
Fintech Needs IDIoTs
Forbes, July 12, 2020
By David G.W. Birch
Anyone can connect their kettle, car or children to the Internet. And it’s tempting to do it just because it can be done. But keeping them secure? That’s another and altogether more difficult problem. If we are going to make an the IoT a platform for financial services, if we have a vision of luggage that can sort out least-cost routing and lightbulbs that can trade energy derivatives and cars that can buy their own insurance then we’re going to have to pause for breath and rethink the platform, because that botnet is only the beginning.
The noted security expert Bruce Schneier (one of the key thinkers in this space) has rather eloquently likened IoT's market failure (which is that I don’t care that my toaster is insecure and is bringing down your bank, and neither does the manufacturer - it’s cheap and it works) to a kind of post-industrial pollution. It’s an externality that can only be fixed by society as a whole and, as unfashionable as that might be, that means regulation. It’s time to begin a conversation about what that regulation might be, before it’s too late. California’s SB-327 that requires manufacturers to set different passwords for devices is a good example of what’s needed, but it’s only a start. As the Business Software Alliance’s useful principles for “Building a Secure and Trustworthy IoT” say, security policies should “incentivise” security through the IoT life cycle. That means a different mindset and it's a mindset that sees the need for an infrastructure.
À PROPOS DE BSA
BSA | The Software Alliance (www.bsa.org) est le principal organisme de défense et de promotion de l’industrie du logiciel auprès des administrations gouvernementales et sur le marché international. Ses membres comptent parmi les entreprises les plus innovantes au monde, à l’origine de solutions logicielles qui stimulent l’économie et améliorent la vie moderne.
Basée à Washington, DC et présente dans plus de 30 pays, BSA est pionnière en matière de programmes de conformité qui encouragent l’utilisation légale de logiciels et plaide en faveur de politiques publiques à même de promouvoir l’innovation technologique et de favoriser la croissance économique numérique.