The IoT revolution isn't going to wait for cybersecurity experts to catch up. With an increasing number of connected devices, the attack surface is growing exponentially. It's no longer enough to "secure the perimeter". The fact is, attacks are going to happen, probably regardless of what you do. The only play here is to be prepared by replicating data and storing it in redundant facilities in different geographic locations, as well as implementing a solid Disaster Recovery Plan.
What the experts have to say:
"I'm not sure this [IoT security] can get solved in, say, 12 months. I think we'll make some progress with technology solutions that help protect assets, but just adopting these technologies at large enterprises and service providers takes time, so I think it'll be an ongoing problem for the next few years in terms of protecting assets and learning from new attacks that come along, using visibility and analytics tools.
This is a layered problem, so even if devices are compromised, you want to make them secure at the network edge; then if something gets through you need to start protecting at the mobile core, the infrastructure and finally applications -- it's a multi-layered approach. The interesting thing is, technology is becoming available where you can profile a typical network or traffic pattern, and if it deviates you get an alert and can start to figure out what's going on. I think you'll see a lot more cognitive or AI-like machine-learning capabilities starting to creep in around different areas of the network in the next few years."