To deal with the risks posed by the explosive growth of the internet of things, CISOs and CIOs must expand the scope of their security efforts, says Ganesh Ramamoorthy, vice president of research at Gartner.
"There is no doubt that the scope of security is going to get expanded beyond IT because of IoT," Ramamoorthy says in an interview with Information Security Media Group. "With IoT, operational technology is coming into the picture. IoT projects today are talking about integrating the IT side of things with the OT side. CISOs and CIOs need to be concerned about understanding the software and hardware landscape of both these sides."
If attackers tamper with an IoT device, the impact can go beyond data loss, affecting business operations, he notes. "Once attackers start taking control of these devices, their motives are also going to change from just stealing information ... to now being able to intentionally harm people or that environment," he says.
In this exclusive interview (see audio link below photo), Ramamoorthy discusses:
- What CIOs and CISOs need to understand about IoT;
- The impact IoT is going to have on the CISO's role;
- The need to develop a cybersecurity policy that encompasses a broad spectrum, including IT, OT, physical security and IoT.
Ramamoorthy is a research vice president at Gartner, where he covers the global markets for IoT, wired communications semiconductors, application-specific semiconductors, semiconductor IP, chip design services and embedded software. He has more than 20 years of experience in the technology industry. Ramamoorthy is Gartner's agenda manager for semiconductor markets research.