The first chapter of this book revealed the size, growth, and potential of the Internet of Things (IoT). There are currently billions of devices, and the double-digit growth of connecting the analog world to the internet also forms the largest attack surface on Earth. Exploits, damage, and rogue agents have already been developed, deployed, and spread globally, disrupting countless businesses, networks, and lives. As architects, we are responsible for understanding the IoT stack of technologies and securing them. As we place devices that have never been connected to the internet, as good citizens, we are accountable for designing them. 

This has been particularly difficult for many IoT deployments with security often being thought of last. Often, systems are so constrained that building enterprise-level security that modern web and PC systems enjoy is difficult if not impossible on simple IoT sensors. This book also talks about security after all other technologies have been understood. However, every chapter has touched on the provisions of security at each level. 

This chapter will explore some particularly heinous IoT focused attacks and give thought to how weak security is in IoT and how much damage can be done. Later, we discuss the security provisions at each level of the stack: physical devices, communication systems, and networks. We then address software-defined perimeters and blockchains used to secure value in IoT data. The chapter wraps up by examining the United States Cybersecurity Improvement Act of 2017 and what it could mean for IoT devices.

The most important thing in security is to use it at all levels from the sensor to the communication system, router, and cloud.