Victor Malchikov

Pandemic risk may drive IoT risk

Blog Post created by Victor Malchikov Employee on Apr 1, 2020

As everyone grapples with lifestyle adjustments brought upon by a global pandemic it can be beneficial to stop and reflect on the unintended consequences of those adjustments.  One possibility worth considering is that COVID-19 may accelerate or drive increased adoption of IoT.


As we have gained more insight and understanding about SARS-CoV-2, the virus that causes COVID-19, we have learned just how long it can survive on surfaces, which may contribute to the high transmission rates being observed.  IoT can play a role in reducing this risk by creating touchless interactions with the world around us, reducing the number of shared surfaces we must touch.


Take a concrete example of a grocery store employee.  This employee may have to adjust the thermostat in the refrigerated section, something that a dozen other employees have touched in the last 24 hours.  If instead the thermostat was an IoT, connected device, it might automatically sense people in the building and adjust temperature without interaction.  If nothing else, the employee could interact with it remotely and not be forced to physically manipulate it.  This would safeguard employees by reducing interaction with a shared physical device that can act as a transmission vector.  There are countless other examples of where smarter, connected devices can lead to a better and hopefully safer environment.


In a 2019 white paper  ( we cited Gartner’s forecasts of IoT usage for 2019 to be around 14.2 billion devices with projections reaching 25 billion by 2021. Governments were already actively developing “smart cities” where new and existing infrastructure was being outfitted with IoT devices for the purpose of increase operational efficiency. Likewise, consumer market for smart thermostats, cars, speakers, door-bells, and other devices is also on the rise as companies offer modernized solutions to existing products. In a post-COVID world, we can reasonably assume that demand and adoption of IoT will increase.


As companies rush to introduce new IoT solutions they need to take measures and safeguard against threats posed by those devices. This requires visibility and monitoring, as would exist in traditional IT environments, with analytics focused on detecting the threats that are common in IoT.  In particular, the IoT gateway, which serves as the last hop between the IoT device and the edge network leading back to the cloud, is a critical piece of infrastructure.  As such they also make attractive targets for attackers and need to be protected.


It is precisely this choke point where the RSA IoT Security Monitor is deployed to collect data, not just into the gateway, but by proxy into the connected IoT devices as well.  Meta data from these gateways is then fed back to a cloud service where machine learning and other behavioral analytics are performed; and visibility is provided to the customer.

Understanding that modern solutions require modern technologies, the RSA IoT Security Monitor solution is a cloud-native, microservice application provided on top of the AWS infrastructure enabling rapid scaling and high availability.  Insights can be viewed directly in a ReactJS UI (see Figure 1), or alerts can be consumed by any SIEM tool the customer may already be using; enabling a single pane of glass to see all incidents across an organization, whether they are typical IT assets or newer IoT assets.


Figure 1:

RSA IoT Security Monitor - Alerts


With this capability, RSA can continue to be a trusted partner that helps companies build durable solutions to security challenges.  For more information visit