Market research firm Gartner has estimated that the number of Internet of Things (IoT) devices in use globally will grow from 8.4 billion in 2017 to 20.4 billion in 2020. This near exponential increase in the number of Internet of Things (IoT) devices in the last few years, has significantly influenced the lighting industry.
Most legacy or unconnected lighting devices have taken the path to digitisation and are now connected to the Internet, thus increasing the attack/threat surface. Such a surge in connected lighting devices will have ramifications both in terms of cybersecurity and data privacy.
Cybersecurity threats can impact the lighting industry by directly influencing command and control of the lighting devices (most likely used as a pivoting point) to gain access to other connected systems. Depending on the threat vector, lapses in cybersecurity and data privacy can have varying results such as an annoyance, minor disruption, compromise of personal data and safety concerns to name a few. Data privacy issues might arise from the fact that most connected lighting devices tend to have other purposes than just lighting and might collect, store, or process personal data such as geolocation, users’ personal credentials including username and password.
In this digital age, for most organisations, cybersecurity threats and data breaches can be detrimental by impacting its revenue, reputation and incurring the wrath of the regulatory agencies via fines and penalties. Thus, cybersecurity and data privacy should be addressed throughout the IoT device lifecycle.
This position paper, drafted by the MELA membership, aims at bringing the issue of cybersecurity and data privacy in connected lighting to the attention of regulatory authorities in the Middle East region, with the objective of pointing a practical path forward. This in the hope that future regulatory activity can include safeguards to protect ‘data subjects’ and inform and bind those who hold their data to the highest standards.
The position paper can be downloaded by clicking here.