The smart home cybersecurity market is seeing renewed interest in terms of vendor investment and user uptake. A number of factors at play, both positive and negative, have combined to offer a windfall for a struggling market. On the one hand, COVID-19 has driven the Work From Home (WFH) movement at a global level. This has pushed employers in particular to expand their cybersecurity remit into their employees’ homes. Concern is especially high with the rise in phishing and malware attempts from keen cybercriminals looking to capitalize on the new enterprise weak points that are employees’ homes. On the other hand, the inevitable advent of 5G (however delayed) is providing some interesting new opportunities for Internet and Communication Service Providers (ISP/CSPs) to protect smart homes, in partnership with traditional cybersecurity companies and networking equipment vendors. Both of these events have provided some fresh dynamics for the smart home cybersecurity market, and there are different approaches being taken that will give a much-needed boost to one of the more poorly served consumer segments.
Integrating Security and Leveraging Micro-Segmentation
|
IMPACT
|
For the smart home security market, vendors have tried to provide security solutions for consumer smart devices for a number of years. Despite concerns around the vulnerability of such devices, especially in the home, the market has never really taken off, even with periodical front-page news stories on connected baby monitor hacking and smart toilet spamming. This is due in part to a lack of investment by Original Equipment Manufacturers (OEMs), which prefer to take risks rather than adding security to their Bill of Materials (BOM), on the one hand, and low consumer awareness and understanding on the other, with many believing liability rests with either the manufacturers or the service providers. This hot potato game means that smart home cybersecurity remains an unyielding market opportunity, despite the growing risks for all parties involved.
However, WFH requirements are educating users about the necessity of proper security in their own homes in order to meet enterprise standards. This conflation of home and work can be a positive for smart home cybersecurity, raising consumer awareness of the inherent vulnerabilities of many of their connected devices, not only in terms of protection from malicious threat actors, but also for their own privacy and the separation of the personal from the corporate.
Two interesting market directions are emerging to tackle these growing security concerns. The first is one that was already largely underway, but is getting a boost from WFH contexts—i.e., the integration of security software/firmware within networking equipment (and specifically home equipment), such as routers and gateways, notably for Wi-Fi 6 and mesh implementations. Avira is a good example of this trend. The German cybersecurity firm partnered with TP-Link earlier this year to integrate its HomeCare Internet of Things (IoT) Smart Home solution into TP-Link’s Wi-fi routers. This brings monitoring and detection capabilities right down to the home network level.
The other market dynamic is banking on 5G and the capabilities it offers for network slicing and microsegmentation. This is the direction Avast is taking, having recently presented a security solution that leverages 5G network segmentation and Virtual Network Functions (VNFs) to isolate home IoT devices. Fine-grained security policies can then be allocated to the various devices in the different microsegments.
Multi-Vendor and Software Service Plays
|
RECOMMENDATIONS
|
These emerging solutions are not necessarily new, but their use in the consumer space and their increasing appeal is. Corporate-liable home offices, coupled with the onset of 5G connectivity, are providing new fuel for the smart home cybersecurity market. In both examples cited above, however, it is clear that, for this market to be successful, vendors will have to partner up with third parties, whether they are networking equipment providers or service providers. For 5G, in any case, the security market is one that will evolve in a multi-vendor environment, and certainly from a software and service perspective. Both Avira and Avast are conscious of these new dynamics, and have positioned themselves appropriately. IoT offers them an opportunity to expand their security offerings not only beyond simply anti-malware solutions, but also in terms of simple visibility and management. For consumers, the investment choice to make between a CSP or a network equipment OEM will be much easier if they can understand and partly take charge of the security benefits associated with each.
