The internet of things (IoT), industrial internet of things (IIoT) and edge computing sectors are expanding at a breakneck pace. Research firm IDC forecasts that worldwide IoT spending will reach $745 billion in 2019 and surpass the $1 trillion mark by 2022.
In this Insider Pro special report investigates the opportunities that stretch from smart homes to smart factories to smart cities and even as far out as the ocean, where sensor networks monitor oil rigs. It looks at how incumbent tech giants are investing their IoT dollars, where venture capital (VC) money is flowing, and what new technologies startups are developing to plug IoT gaps.
It also looks at the risks enterprises must contend with in this chaotic, gold-rush market. IoT risks range from the familiar (ransomware, spear phishing) to the novel (baby monitors used to threaten kidnapping) to potentially world-changing cyber-espionage and hybrid warfare incidents.
Many businesses will have no choice when it comes to IoT, as their early adopting competitors gain numerous advantages. This report will contrast the opportunities with these threats to help you prepare a risk-first plan as you venture into the IoT Wild West.
Edge fortune or calamity?
As everything from industrial sensors to self-driving cars, and from oil rigs to your Alexa virtual assistants connect to the internet, the expansion of the IoT market mirrors that of a gold-rush boomtown.
Entrepreneurs who hit the market early with the right IoT product at the right time stand to make a fortune, but plenty of fortunes will almost certainly be lost as massive risks lurk behind nearly every opportunity.
If the IoT market were a Wild West gold-rush town, it would be Deadwood, the South Dakota gold-rush boomtown that is famous for being as lawless as it was profitable.
Market opportunity: Is there really gold at the network edge?
The prospect of virtual gold in the IoT market abounds. As investors continue to flock to the market, analysts and researchers have begun forecasting massive revenues for the sector. They may differ in their predictions, but in general, analysts see IoT growth continuing at a breakneck pace for the foreseeable future.
“The next chapter of IoT is just beginning as we see a shift from digitally enabling the physical to automating and augmenting the human experience with a connected world,” saidCarrie MacGillivray, vice president,Internet of Thingsandmobilityat research firm IDC.
IDC forecasts that worldwide IoT spending will expand to $745 billion by the end of 2019, an increase of 15.4 percent over the $646 billion spent in 2018. IDC expects worldwide IoT spending will maintain a double-digit annual growth rate throughout the 2017-2022 forecast period and surpass the $1 trillion mark in 2022.
IDC is not alone in its bullish assessment of the market.
According to research firm Gartner, there will be more than 20 billion connected devices in use worldwide by 2020.
Other analysts have similar forecasts. Here’s a small sample of the optimism surrounding the market:
How incumbents are investing in IoT
Incumbent tech vendors, such as AWS, Dell and Cisco, are pouring billions into IoT and edge computing products and services. HPE last year invested $4 billion on its “intelligent edge,” while Microsoft pumped $6.5 billion into its IoT efforts. Other major tech companies, such as IBM, Intel, Oracle and SAP, are also aggressively building out their own IoT and IIoT portfolios.
The sectors driving demand in the near-term span the entire economy from connected cars (Tesla, BMW, GM, etc.) to supply chain and fleet management organizations (Ryder, FedEx, DHL) to industrial conglomerates (GE, Siemens, Bosch). The IoT is embraced by the energy sector (Schneider, BC Hydro, Engie Solar), drives smart city initiatives (Chicago, Barcelona, Boston, Los Angeles, Hong Kong), and IoT is even optimizing agriculture, which has seen such novelties as smart barns and connected cows.
With connectivity hurdles falling as mobile, mesh, satellite and various narrow-band services become cheaper and more ubiquitous, the IoT gold rush will keep pushing the enterprise edge further and further out into the cyber frontier.
IDC’s most recent Worldwide Semiannual Internet of Things Spending Guide forecasts that the industries that will spend the most on IoT solutions in 2019 will be discrete manufacturing ($119 billion), process manufacturing ($78 billion), transportation ($71 billion) and utilities ($61 billion).
The IoT use cases that will see the greatest levels of investment in 2019 will be manufacturing operations ($100 billion), production asset management ($44.2 billion), smart home ($44.1 billion) and freight monitoring ($41.7 billion), according to IDC.
IoT startups and edge opportunities
As they so often do, VCs triggered the gold rush by investing heavily in a slew of IoT startups. Crunchbase reports that U.S.-based IoT startups alone attracted nearly $1.5 billion in funding in 2017 (the last year for which data is available).
I’ve covered many of the startups targeting bleeding-edge opportunities in the IoT. After evaluating more than 100 IoT startups to find high-upside ones to feature (my selection methodology is explained here), a few trends emerge:
- IoT insecurity is a massive problem (one we’ll explore in more depth below).
- Device and edge-networking constraints will force vendors to layer security differently onto – and deeply into – IoT networks than traditional ones.
- IoT and especially IIoT opportunities deliver higher TCO when complemented by related technologies, including AI, machine learning and process automation tools.
- Data ownership issues will strain vendor-customer relationships.
- IoT-as-a-Service will be the right approach for businesses with little IT resources or expertise.
- Wireless chipsets are cheap enough and end-user data valuable enough that connectivity will be a table-stakes feature in cheaper and cheaper devices.
- IoT vulnerabilities will continue to impact National Security in ways that have already and will likely continue to threaten corporate activities and economic markets.
If this looks more like a laundry list of warnings than emerging opportunities, remember that enterprise startups fare best when they target real-world problems that businesses will pay good money to solve.
IoT startups that have carved out solid niches within the emerging IoT market include the following:
- Armis Security, an IoT security platform provider. The startup is backed by $112 million in VC funding and has landed such named customers as Samsung Research America, IDT and Gett.
- Claroty, which is developing an IIoT cybersecurity platform. The startup has raised $93 million in VC funding and recently recruited former NSA Director and Commander of the U.S. Cyber Command Michael S. Rogersto serve as Chairman.
- Sight Machine, a startup that provides AI software that analyzes IoT data to help manufacturers solve productivity and quality challenges. Sight Machine is backed by $60 million in VC funding and has landed an impressive list of on-the-record customers that includes GE, WestRock, Nagase, Inteva, Fiat Chrysler, Komatsu and Fujitsu.
Looking more narrowly at IIoT startups, the sector already has a couple of its own unicorn startups, such as Uptake with $258 million in funding and a $2.3 billion valuation and C3 IoT with $243 million in VC funding and $1.4-plus billion valuation (the C3 IoT valuation was not publicly updated with its latest $100 million round of funding, so its valuation is outdated and conservative).
IoT market risks: The Internet of Threats
The IoT gold rush fever is threatening to spread into a full-blown epidemic, as the early wins attract lesser-skilled copycats, speculators and even fraudsters. The risks in the sector, however, extend far beyond the fear that this could be a hype-driven bubble market.
For starters, who controls these devices and who’s responsible for securing them? In fact, who really owns these connected devices, which are often handed out gratis by service providers, and who gets to access all of the data they generate?
What exactly are the “owners” going to do with all of that data, especially consumer data?
Perhaps most troubling about the IoT market is that the landscape is every bit as dangerous and lawless as boomtown Deadwood, even more so, perhaps, given the reach of this borderless, global environment.
The main concerns, though, aren’t about overeager prospectors being conned out of their savings by IoT snake oil salesmen, although that’s a large enough problem in and of itself, but about all of the cattle rustlers, highwaymen, and hostile state-sponsored actors who are being connected to opportunities that only a few short years ago they would have had to work much, much harder to exploit.
If you were outraged to learn that Facebook played fast and loose with your social media information, imagine when a corporation sells transcripts (transcribed by AI) of the private conversations you had in your home that were picked up by your virtual assistant, or consider what will happen when your car constantly reports your behaviors back to the auto manufacturer and to your insurance company.
Edge vulnerabilities expands exponentially
These scenarios aren’t speculation. Virtual assistants (Echo, Siri, Alexa) have already been used by their creators to mine “private” conversations for third-party advertisers. Baby monitors have been by hacked to monitor a child and threaten to kidnap him, and according to a report commissioned by cybersecurity firm Netscout, the typical smart device is targeted by hackers within the first five minutes of connecting to the internet.
Of course, consumer products tend to have leakier cybersecurity than enterprise ones, or at least that’s the conventional wisdom, but enterprise, infrastructure and IIoT breaches are commonplace too. Incidents include hackers shutting down a floating oil rig by tilting it; the Mirai botnet, which brought down much of the internet on the U.S. east coast; and attacks against infrastructure, including electrical grids, dams and even nuclear facilities.
A survey conducted by consulting firm Altman Vilandrie & Company found that nearly half of U.S. enterprise IoT networks have been breached. The survey polled approximately 400 IT executives across 19 industries and found that 48 percent of firms have experienced at least one IoT security breach.
Formulating the right defensive posture is difficult, however. Passive solutions, such as visibility tools, leave you vulnerable. Reactive ones mean your liabilities hit before you even know you have a problem, and more proactive solutions tend to require resources that aren’t available at the edge.
The Altman Vilandrie & Company survey also revealed the significant financial exposure of poorly secured IoT networks, finding that the cost of the breaches represented 13.4% of the total revenues for companies with revenues under $5 million annually and tens of millions of dollars for the largest firms.
Nearly half of firms with annual revenues above $2 billion estimated the potential cost of one IoT breach at more than $20 million. In other words, ransomware, infrastructure attacks and whole new categories of zero-day malware threaten to wipe out any gains businesses attain through the IoT.
IoT problems require risk-first solutions
In the 2020s, the IoT will expand to encompass more than 20 billion devices and grow to a more than $1 trillion market. Enterprises seeking to embrace IoT technology have plenty of options to choose from, including burgeoning IoT portfolios offered by tech incumbents, such as IBM, Microsoft and Intel, as well as novel IoT products offered by a range of startups that provide everything from IoT security to IoT-as-a-Service to AI-driven tools.
Many enterprises will have no choice but to embrace the IoT, as their competitors improve productivity, reduce downtime and gain a range of insights from their armies of connected devices.
However, the IoT landscape is a chaotic, lawless one. Risks to enterprises deploying IoT networks extend far beyond the usual cyberthreats, such as IP theft, data loss and cyber fraud, all the way to cyber espionage and National Security threats. As such, businesses entering the IoT Wild West should do so only after carefully assessing their risks, investing in their defenses and planning for how to recover from worst-case scenarios.