Selling Safety: Why the Success of Your IoT Product Depends on Security
As the popularity of Internet-of-Things devices continues to grow, cybersecurity will play an increasingly important role in consumer preferences. In a recent IEEE paper titled The Internet of Things Promises New Benefits and Risks, MIT researchers consider the significance of security in the adoption of new IoT products. The researchers also discuss other factors that may encourage adoption in areas that have seen slow growth relative to others.
Consumers Want Safety
Security concerns related to IoT products have long been in the public discussion. A 2015 study by Icontrol found that 40% of Americans are concerned about information being stolen from their smart home. After the “My Friend Cayla” doll was found to be vulnerable to malicious data interception, the German government stamped it with a “trash it” recommendation.
Issues such as the “My Friend Cayla” incident can have a significant impact on the adoption of a new product or technology. Since modern technologies often take on a “winner-takes-most” scenario, an early cyberincident can cause a serious dent in the profitability of your business.
Perception is Pivotal
While the perception of security is important, consumers may have a misguided perception of the specific risks involved with a product or portfolio. For example, IoT and smart devices have been heavily adopted into HVAC (heating, ventilation, and air conditioning) systems, but not into CLS (lighting) systems.
Many consumers express a security concern regarding the incorporation of IoT into their lighting systems, even though risks to HVAC systems are much greater. A successfully marketed IoT product will combat and alter these perceptions by highlighting security features, and with an honest dialogue about risks involved in adoption.
Security versus the User
Like all IT products, IoT devices must tread a fine line between security and usability. Products must be thoroughly tested in real-world applications, to understand whether security controls are a boon or a bust for actual users.
It’s also a good idea to offer various optional “layers” of security, to be implemented at the user’s preference. Different user environments require different levels of cybersecurity. An IT admin in a corporate datacenter will want their device locked down and connected to authentication services, whereas a non-technical user will be intimidated and frustrated by high levels of security. Rather than forcing users into a specific security configuration, it’s wise to offer them flexibility to fit their needs.
Another key component of a successful IoT product strategy is to involve a purchaser’s security professionals into the sales discussion. When cybersecurity specialists, such as a CISO, are involved in the sales discussion, the sales team has an opportunity to respond to and dispel concerns about your product’s security risks. A productive dialogue will go a long way towards getting a security team to tolerate, or even encourage, the adoption of your product.
When it comes to security, the success of your IoT product depends on four things:
- The quality of your security compared to competitors
- The effectiveness of your advertising of the product’s security measures
- The ease with which users can implement security features
- The avoidance of any cyberincidents related to your company and products
As Internet-of-Things adoption spreads worldwide, the discussion around cybersecurity will spread with it.
IoT device producers and sellers would do well to incorporate security features into their devices to help distinguish them from competitors. Lastly, at all times, managing and maintaining an honest dialogue around security will encourage adoption of your device, and drive sales to new heights.
M. S. Jalali, J.P. Kaiser, M. Siegel and S. Madnick, “The Internet of Things Promises New Benefits and Risks: A Systematic Analysis of Adoption Dynamics of IoT Products,” in IEEE Security & Privacy, vol 17, no. 2, pp. 39-48, March-April 2019. doi: 10.1109/MSEC.2018.2888780 URL:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8677360&isnumber=8677281