Contributed by Chris Roberts, Chief of Adversarial Research and Engineering at LARES Consulting
Let’s start with some simple statistics:
- Over 80 percent of digital attacks are levied against the application layer.
- Over 80 percent of current IoT devices on the market have had little-to-no application security testing.
- In the next two or three years, there will be over 20 billion IoT devices connected to the Internet.
By those simple statistics we now know that somewhere in excess of 16 billion unsecured devices will be connected to the Internet – and this is beyond what we have to deal with today. We are spending billions and billions of dollars a year trying to protect everything, yet we have failed to realize the extent of this tsunami of tech that’s heading our way and being integrated into our homes, lives, offices, families, transportation, and pretty much our entire interaction with the world around us.
What do we do to change things?
Let’s take a look at the history and the future: