Monthly Archives: February 2015

Chip producer ARM — major IoT player?

ARM ChipUK company ARM Holdings appears to be backing up its claims as a major processor design player in the Internet of Things (IoT) market. ARM signed 53 licenses for processor designs compared with 26 the previous year.

Smart phones to IoT

While ARM is the chip designer behind the vast majority of the smart phones in the world, it is also aggressively entering the machine-to-machine market, a significant subset of the Internet of Things.

ARM further signaled its interest in Internet of Things marketshare with its purchase of Offspark last week, an IoT security firm. The company is also moving into server technology which, given the symbiotic relationship of IoT and the Cloud, could be a winning combination. ARM produced 12 billion chips in 2014.

Over 25 IoT devices per person on the planet

While some predict ARM might be slowing because of projected reduced smart phone sales, projections of 25 plus networked computing devices per person on the Earth, might give ARM plenty of room to work.

FTC IoT guideline describes complexity, nuance of IoT

FTC IoT development guidelines

FTC IoT development guidelines

The Federal Trade Commission (FTC) has issued a guideline to companies developing Internet of Things (IoT) products and services. The guideline addresses security, privacy, encryption, authentication, permission control, testing, default settings, patch/software update planning, customer communication and education, and others.

IoT irony

The irony is that the comprehensiveness of the document, the things to plan for and look out for when developing IoT devices and systems, is the same thing that makes me think that the preponderance of device manufacturers will never do most of the things suggested. At least not in the near term. Big companies that have established brand, (eg Microsoft, Cisco, Intel, others) will have the motivation (and capacity) to participate in most of these recommendations. However, the bulk of the companies and likely the bulk of the total IoT device/system marketplace entries will be from the long tail of companies and businesses.

These companies are the smaller companies and startups that are just trying to get into the game. They won’t have an established brand across a large consumer base. This can also be read as, ‘they don’t have as much to lose’. Their risk and resource allocation picture does not include an established brand that needs to protected. They don’t have a brand yet. For most of these startup and small companies, they will view their better play to be:

  • throw our cool idea out there
  • get something on the market
  • if we get a toehold & start to establish some brand, then  we’ll start to worry about being more comprehensive with the FTC suggestions


Again, to be clear, I am appreciative of the FTC guideline for manufacturers and developers of Internet of Things devices. It’s a needed document and is thoughtful, well-written, and thorough. However, the same document can’t help but illustrate all of the variables and complexities of networked computing regarding privacy and security concerns — the same privacy and security concerns that most companies will have insufficient resources and motivation to address.

We’re in for a change. It’s way more complicated than just ‘bad or good’. Where we help protect and manage risk for our organizations, we’re going to have to change how we approach things in our risk management and security efforts. No one else is going to do it for us.