Tim Berners-Lee introduced the web browser to the public in August 1991 and we all happily sped on to the information super highway like Adam West’s batman, wearing nothing but a skin tight unitard, black pants and a Lucha Libre mask. Security was an afterthought.
However, it soon became clear that the internet is quite a hostile environment and there are some seriously nasty villains out there. Over the decades it became obvious that a witty quip and a can of shark repellent no longer cut the mustard and so internet security evolved to become the Kevlar wearing, armoured car driving, brooding vigilante that we all know and love today.
The modern Internet is much more analogous to Christian Bales Gotham than Adam West’s, supervillains roam the grey urban landscape, intentions are deadly, and spin off movies are rife. Into the middle of this hostile environment we drop the IoT, a great idea with a billion uses, unfortunately (in many cases) with a security posture akin to Adam West’s Batman. I’m not sure it’s going to make it through the opening credits, and even if it does, the first encounter with Heath Ledgers Joker or Tom Hardy’s Bain would be game over.
My point is that security is a reaction to the environment and you can’t have Adam West style security in a modern Gotham internet environment. If you do, you’ll get pwned. I’m not saying every IoT edge device in a network needs Christian Bale level security, but some will, others may only need Ben Affleck, or Michael Keaton, but one thing is clear, no more unitards, Sorry Adam, it’s just not good enough anymore.
Know the risks. Choose your Batman carefully.