“Many people are saying the discovery of a security vulnerability within a dishwasher is yet another example of consumer security not being properly protected. But it should come as no surprise. Manufacturers around the globe are competing to build the latest innovations into their products, including making them ‘smart’ devices. The rise of the IoT is forcing manufacturers to move out of their comfort zones and into areas they are not, such as software development and security.
As manufacturers start connecting more of their products to the Internet, they must increase focus on security when they are in development. This includes careful code testing, continuous maintenance, careful mapping of bundled software and verified intelligence about software vulnerabilities in that software as well as ample resources to react promptly and effectively as soon as a vulnerability in the product is reported.
On this occasion, there is currently no known patch for the vulnerability and this must be addressed during the development stage. Fortunately, new technologies are now available so application producers can push updates out to customers and force implementation – reducing risk exposure and potential liability – but this still requires manufacturers to have a software vulnerability management strategy.
Many manufacturers are simply unaware of the real-life challenges associated with the IoT, no Internet-connected device is 100% secure. If it is connected to the Internet, it can probably be hacked. It is therefore, as a manufacturer, critical to have a software vulnerability management strategy in place.”
Hugh Darvall, Director of Sales, ANZ at Flexera Software
