Trends in Smart Home Data Security and Privacy

Connectivity in the home and the addition of connected devices continue to expand year-over-year, with consumers now owning an average of more than eight connected CE products in their home. The increasing levels of connectivity in consumers’ lives provide easy targets for hackers and present security and privacy concerns for consumers. This report examines the challenges in securing the smart home and new opportunities for security solution providers. The report also assesses common and potential attacks in the connected landscape as new connected solutions, such as 5G technologies, are implemented. It profiles companies offering data security solutions for the connected home and product and service providers who are leading the way on securing the smart home.

Price: $3,500.00

Purchase Questions?

privacy-toc2019.jpg

- click image to enlarge -

Download Table of Contents (PDF)

Research Objectives

Research Approach

Companies Interviewed or Researched

Executive Summary

Industry Insight

Data Security & Privacy Trends - User Experiences

Data Security & Privacy Trends - Technologies

Data Security & Privacy Trends – Marketing & Sales Channels

Connected Home Data Security and Privacy Ecosystem

Key Findings and Recommendations

Defining Data Security and Privacy

Data Security vs. Data Privacy

Trade-offs for Consumers

Classification of Data Security and Privacy Attacks

Targets and Objectives of Data Security/Privacy Attacks

Direct and Indirect Attacks

Privacy Vulnerabilities

Consumer Insights

Security/Privacy Concern and Problems (Q4/18)

Consumer Concerns on Security/Privacy Issues (Q4/18)

Actions Taken to Prevent Unauthorized Access to Devices (Q4/18)

Smart Home Devices: Purchase Inhibitors (Q4/18)

Appeal of Cybersecurity Services (Q4/18)

Appeal of Cybersecurity Services by Introduction Text (Q4/18)

Desirability of Cybersecurity Services (Q4/18)

Preferred Provider of Cybersecurity Services (Q4/18)

Data Breach Incidences and Vulnerabilities

Status of Data Breaches in Connected Homes

The 2016 Mirai Attack by Exploiting Default Username/Password

The 2017 Fish Tank Attack Showed Much Bigger Lateral Damages

The 2019 Nest Cam Hacking due to Credit Stuffing Attacks

Supporting Consumers: An Academic Study on Privacy Vulnerabilities in Smart Home

Turning Data Attacks into Physical Attacks

Data Privacy/Security Ecosystem Opportunities for Action

Regulatory Analysis on Data Security and Privacy

Legislations on Smart Home Data Security and Privacy

Leading Legislation: The EU General Data Protection Regulation (GDPR)

GDPR: The Smart Home Manufacturers Respond

Data Protection Laws in the US

Passed and Pending US Regulations and Standards

Federal Standards: Defining Cybersecurity and Privacy Risks for Organizations

Federal Standards: IoT Device Manufacturers

Pending Federal Legislation: IoT Device Manufacturers Selling to Government

State Legislation: California SB-327 Information Privacy: Connected Devices 2018

State Legislation: CCPA Affects Businesses Using Consumer Data

CCPA vs. GDPR - Summary

CCPA vs. GDPR - Details

Cybersecurity Impacts: Brand Perception and Fines

Business Models and Services

Business Models in Smart Home Data Security and Privacy

Interest in Security/Privacy Services (Q4/18)

A Taxonomy of Cybersecurity Solutions

B2C Business Model by Smart Home Service Provider

B2C Business Model by Broadband Service Provider

B2B Business Models

B2C and B2B Example: F-Secure

Business Models: B2B + B2B2C

CUJO AI Security Profile

CUJO AI: Unique Advantages

The Public/Private Partnership Model

Technology Opportunities

Technologies to Protect Data Security and Privacy in Smart Home

Tradeoff between Security and Convenience: TFA and MFA

Privacy Enhancing Technologies (PET)

Typical Privacy Enhancing Technologies

AI and ML Become Essential for Cybersecurity

Where and How to Apply AI/ML in Cybersecurity

Example: Cybersecurity AI Platform

Privacy by Design (PbD)

Impact of 5G to Smart Home Data Security and Privacy

Appendix

Glossary of Security Threats

Definition of Adversary/Threat Model

Capability Levels of Adversary & Threat Models

Research Objectives

Research Approach

Companies Interviewed or Researched

Executive Summary

Industry Insight

Data Security & Privacy Trends - User Experiences

Data Security & Privacy Trends - Technologies

Data Security & Privacy Trends – Marketing & Sales Channels

Connected Home Data Security and Privacy Ecosystem

Key Findings and Recommendations

Defining Data Security and Privacy

Data Security vs. Data Privacy

Trade-offs for Consumers

Classification of Data Security and Privacy Attacks

Targets and Objectives of Data Security/Privacy Attacks

Direct and Indirect Attacks

Privacy Vulnerabilities

Consumer Insights

Security/Privacy Concern and Problems (Q4/18)

Consumer Concerns on Security/Privacy Issues (Q4/18)

Actions Taken to Prevent Unauthorized Access to Devices (Q4/18)

Smart Home Devices: Purchase Inhibitors (Q4/18)

Appeal of Cybersecurity Services (Q4/18)

Appeal of Cybersecurity Services by Introduction Text (Q4/18)

Desirability of Cybersecurity Services (Q4/18)

Preferred Provider of Cybersecurity Services (Q4/18)

Data Breach Incidences and Vulnerabilities

Status of Data Breaches in Connected Homes

The 2016 Mirai Attack by Exploiting Default Username/Password

The 2017 Fish Tank Attack Showed Much Bigger Lateral Damages

The 2019 Nest Cam Hacking due to Credit Stuffing Attacks

Supporting Consumers: An Academic Study on Privacy Vulnerabilities in Smart Home

Turning Data Attacks into Physical Attacks

Data Privacy/Security Ecosystem Opportunities for Action

Regulatory Analysis on Data Security and Privacy

Legislations on Smart Home Data Security and Privacy

Leading Legislation: The EU General Data Protection Regulation (GDPR)

GDPR: The Smart Home Manufacturers Respond

Data Protection Laws in the US

Passed and Pending US Regulations and Standards

Federal Standards: Defining Cybersecurity and Privacy Risks for Organizations

Federal Standards: IoT Device Manufacturers

Pending Federal Legislation: IoT Device Manufacturers Selling to Government

State Legislation: California SB-327 Information Privacy: Connected Devices 2018

State Legislation: CCPA Affects Businesses Using Consumer Data

CCPA vs. GDPR - Summary

CCPA vs. GDPR - Details

Cybersecurity Impacts: Brand Perception and Fines

Business Models and Services

Business Models in Smart Home Data Security and Privacy

Interest in Security/Privacy Services (Q4/18)

A Taxonomy of Cybersecurity Solutions

B2C Business Model by Smart Home Service Provider

B2C Business Model by Broadband Service Provider

B2B Business Models

B2C and B2B Example: F-Secure

Business Models: B2B + B2B2C

CUJO AI Security Profile

CUJO AI: Unique Advantages

The Public/Private Partnership Model

Technology Opportunities

Technologies to Protect Data Security and Privacy in Smart Home

Tradeoff between Security and Convenience: TFA and MFA

Privacy Enhancing Technologies (PET)

Typical Privacy Enhancing Technologies

AI and ML Become Essential for Cybersecurity

Where and How to Apply AI/ML in Cybersecurity

Example: Cybersecurity AI Platform

Privacy by Design (PbD)

Impact of 5G to Smart Home Data Security and Privacy

Appendix

Glossary of Security Threats

Definition of Adversary/Threat Model

Capability Levels of Adversary & Threat Models

Publish Date: 4Q 2019

Pages: 82


Authored By:
Weijun Lee - Research Associate
Jennifer Kent - Senior Director
Brad Russell - Research Director, Connected Home
Denise Ernst - Vice President
Chris O’Dell - Research Analyst

© November 2019 Parks Associates
All rights reserved.  No part of this book may be reproduced, in any form or by any means, without permission in writing from the publisher.

Printed in the United States of America. 

Disclaimer
Parks Associates has made every reasonable effort to ensure that all information in this report is correct.  We assume no responsibility for any inadvertent errors.

© 1998-2019 Parks Associates. All Rights Reserved.