Such a mix renders them extremely susceptible to cybercrimes such as unauthorized access, data leakages, and denial-of-service. In basic terms, the more related a system is, the more vulnerable it is.

Security vs Resilience: What is the Difference?

The majority of individuals believe that cybersecurity is about the prevention of attacks and the blocking of attacks only. Firewalls, antivirus, passwords, encryption--all that is meant to prevent unauthorized access.  The truth of the matter is beyond this. There is no fully cyber safe system or attack-proofing. This is why the idea of cyber resilience is gaining momentum and becoming more applicable. Rather than question, Can we stop every attack? a more appropriate question that must be asked will be:

 Is the system capable of sustaining its operation in the event of an attack?

The focus of cyber resilience is on three major skills:

• Detecting threats or any kind of attacks prior or at the early stage
• Responding effectively and efficiently to prevent the device and any kind of data
• Fast Recovering of data with less harm

What Does It Take to Have IoT Systems Resilience?

In examining the aspects of IoT security further, it is more evident that resilience does not rely on a single aspect. It involves a combination of various factors that occur at the same time. They can be largely categorized into three types:

1. Technical Strength

That is what the majority of the population relates to cybersecurity.

Key components include:

• Authentication - authentication of devices to users, Make supreme policies and schemes.
• End to End encryption - data to be protected from breaching or stealing.

All the latest-advanced systems can be easily compromised without regard to these components.

2. Organizational Support

Security is not just a technical problem alone, it is a management problem as well. Organizations are important as they:

• Adopting explicit measures for cybersecurity prevention
• Allocating separate budget for safety and security measures
• Compliance with standards strictly

When the issue of security is addressed at the organizational level, as a priority, systems would be much stronger.

3. Human Awareness

It is the factor that is most undervalued, most of the time, and is the weakest link, at times.

Following pointers are important in this context:

• Using weak passwords - not a good option
• Software updates - mandatory, not to be ignored.
• Clicking on suspicious links - Block these links, a big no

By following these little steps and keeping important instructions can help at one point. On the other hand, user knowledge and awareness will enable the first line of defense to prevent any attacks or danger.

Surprisingly interesting  Insights:

Multiple interesting patterns can be identified when factors affecting the security of IoT are studied jointly:

✔ There is high authentication and encryption which enhances system resilience greatly.

 ✔ Patch management and regular updates are very important.

 ✔ Organizational policies and investments strengthen overall security of the system and devices

The greatest surprise is the effect of user awareness that is generally more pronounced than expected. The application of technology in itself may not be safe. What is equally and what is even more important is the behaviour of the users who work with that technology.

The results of individual security practices may not guarantee any measurable results. Not all things that appear to be important cannot have an immediate impact. Less relevant factors are more influential and can be easily identified. The fact that you are susceptible to cyber risks or threats does not imply that you are weaker. This implies that studying cybersecurity is not an easy task, and nonetheless, it can be done. The overall effect changes depending on the situation. Also depends on how the things are being used and put together in new ways.

The Vulnerability:

One of the factors that always shine through is the aspect of vulnerability. Systems that are more vulnerable, be it by design, old software or misconfigurations, are much less resilient. In fact, vulnerabilities do not only increase the risk, but they rather reduce the ability of the system to recover after the attacks. Therefore this renders vulnerability management a top priority. The reason this is more than ever important. IoT has ceased to be gadget-based and convenient. It has become a part and parcel of:

• Healthcare monitoring systems
• Transportation network systems
• Smart home and smart cities
• Smart Industrial operations

The fact that security breaches in these domains are not only inconvenient, but can also be the cause of major threats and loss as well.

For example:

• Medical device (During operation) hacked.
• Faulty traffic system (Diversion and accidents can happen)
• Weak industrial control unit (Production of the wrong product and destructive supply chain management)

These security failures have much more serious consequences than the loss of data.

Key Points: It is not merely about the prevention of risks and attacks, but also an ability to survive and change with the new circumstances and conditions. It takes more than technology; people need to be aware of what is going on; and businesses need to be responsible.

Security should not be left to organizations and people to take care of. It should be made to happen by collaborating with institutions, users, organizations and the government. The phasing will help in the security measures being withdrawn as a greater number of people utilize the IoT devices. Users must be more all-encompassing, safe and combined.

More in-depth research, more study, implementation and awareness is required to deal with the problems in IoT security. As an alternative, it may be a good idea to employ the latest tools like Artificial Intelligence and Explainable AI to find the threats to make sure that the data are transmitted and received safely.

Users and organizations keep this thing sure that patches and system updates are done on time, and raise user awareness through structured education and training programs.

It is crucial to concentrate on ongoing monitoring, risk assessment, and proactive vulnerability management in order to address security risks in dynamic IoT environments.

“Being safe means being ready to face the world where everyone is always connected through the Internet. More smart devices are coming and are making things easier, more organized, and more connected. But this is where the word true smartness doesn't just come from how well things work; it also comes from how long they last. A system that fails is not as strong as one that works, but rather how it works when it does”.

Latest News (Source: https://timesofindia.indiatimes.com/technology/tech-news/software-engineer-accidentally-gains-control-of-7000-robot-vacuums-in-a-security-flaw/articleshow/128805635.cms?utm_source=chatgpt.com )

A recent case revealed that a software engineer accidentally accessed around 7,000 connected robot vacuums due to a security flaw in cloud authentication systems. The breach exposed sensitive user data, including live feeds and home mapping information, highlighting critical risks in IoT device security.

Author - DEEPIKA (Assistant Professor and IIC Convenor)