Thanks to cloud, Internet of Things (IoT), and 5G technologies, every link in the retail supply chain is becoming more tightly integrated. These technologies are also allowing retailers to capture and gather insights from more and more data – with a big assist from artificial intelligence (AI) and machine learning (ML) technologies – to become more efficient and achieve evolving sustainability goals.   

From maintaining produce at the proper temperature to optimizing a distributor’s delivery routes, retail organizations are transforming their businesses to streamline product storage and delivery and take customer experiences to a new level of convenience—saving time and resources and reinforcing new mandates for sustainability along the entire value chain.

“Transformation using these technologies is not just about finding ways to reduce energy consumption now,” says Binu Jacob, Head of IoT, Microsoft Business Unit, Tata Consultancy Services (TCS). “It’s also about being able to capture the insights needed to better forecast energy consumption in the future.”

Reducing energy consumption across the value chain

For example, AI/ML technologies can detect the outside temperature and regulate warehouse refrigeration equipment to keep foods appropriately chilled, preventing spoilage and saving energy.

“The more information we can collect about energy consumption of in-store food coolers, and then combine that with other data such as how many people are in the store or what the temperature is outside, the more efficiently these systems can regulate temperature for the coolers to optimize energy consumption,” says K.N. Shanthakumar, Solution Architect – IoT, Retail Business Unit, TCS.

Landmark Group, one of the largest retail and hospitality organizations in the Middle East, wanted to reduce energy consumption and carbon footprint, improve operational excellence, and make progress toward its sustainability goals. Working with TCS, Landmark Group deployed TCS Clever Energy at more than 500 sites, including stores, offices, warehouses, and malls, resulting in significant improvements in energy efficiency and carbon emissions at these sites.

“Retail customers are looking to achieve net zero goals by creating sustainable value chains and reducing the environmental impact of their operations,” says Marianne Röling, Vice President Global System Integrators, Microsoft. “TCS’ extensive portfolio of sustainability solutions, built on Microsoft Cloud, provides a comprehensive approach for businesses to embrace sustainability and empower retail customers to reduce their energy consumption, decarbonize their supply chains, meet their net zero goals, and deliver on their commitments.”

Optimizing delivery workflows

For delivery to retail outlets, logistics programs—TCS DigiFleet is one example—increasingly rely on AI/ML to help distributors plan optimized routes for drivers, reducing fuel consumption and associated costs. Video and visual analytics ensure that trucks are filled before they leave the warehouse or distribution center, consolidating deliveries into fewer trips. Sensors and other IoT devices track inventory and ensure that products are safe and secure. Postnord implemented this solution to increase fill rate, thereby improving operations and cost savings. 

“Instead of dispatching multiple trucks with partially filled containers, you can send fewer trucks with fully loaded containers on a route that has been optimized for the most efficient delivery,” says Shanthakumar. “5G helps with the monitoring of contents of the containers and truck routes in real time while dynamically making adjustments as needed and communicating with the driver for effective usage.”

More data, better insights

With cloud-driven modernization, intelligence derived from in-store systems and sensors can automatically feed into the supply chain to address consumer expectations on a real-time basis. In keeping with the farm-to-fork movement, for example, consumers can scan a barcode to find out where a product originated and what cycles it went through before landing on the grocery store shelf.

With 5G-enabled smart mirrors, a person can virtually try on apparel. By means of a touchpad or kiosk, the mirror technology can superimpose a garment on a picture to show the shopper how it will look, changing colors and other variables with ease.

Retail transformation enabled by AI/ML, IoT and 5G technologies is still evolving, but we’re already seeing plenty of real-world examples of what the future holds, including autonomous stores and drone deliveries. The key for retail organizations is building a cloud-based infrastructure that not only accelerates this type of innovation, but also helps them become more resilient, adaptable, and sustainable while staying compliant, maintaining security, and preventing fraud.

Learn more about how TCS’ Sustainability and Smart Store solution empowers retailers to reimagine store operations, optimize operational costs, improve security, increase productivity, and enhance customer experience.

Cloud Computing, Digital Transformation, Retail Industry

By Anand Oswal, Senior Vice President and GM at cyber security leader Palo Alto Networks

Connected medical devices, also known as the Internet of Medical Things or IoMT, are revolutionizing healthcare, not only from an operational standpoint but related to patient care. In hospital and healthcare settings around the world, connected medical devices support critical patient care delivery and a wide variety of clinical functions, from medical infusion pumps and surgical robots to vital sign monitors, ambulance equipment, and so much more. At the end of the day, it’s all about patient outcomes and how to improve the delivery of care, so this kind of IoT adoption in healthcare brings opportunities that can be life-changing, as well as simply being operationally sound.

Yet, enabling these amazing patient outcomes through IoT technology brings with it an associated set of security risks to hospitals and patients that are in the news far too often. Ransomware, for example, is a particularly prevalent threat to healthcare providers around the world. In August 2022, the French hospital Centre Hospitalier Sud Francilien (CHSF) was the victim of a ransomware attack that disabled medical imaging and patient admission systems. And in October 2022, CISA issued an advisory to healthcare providers warning of a ransomware and data extortion group targeting the healthcare and public health sector with a particular interest in accessing database, imaging, and diagnostics systems within networks. But ransomware isn’t the only risk. In fact, according to a report in HIPAA Journal, there has been a 60% increase in cyberattacks of all varieties in healthcare in 2022,1  making it an unfortunately routine aspect of delivering care that the industry must be prepared to address.

Why Medical IoT Devices Are at Risk

There are a number of reasons why medical IoT devices are at risk. Among the most common reasons is the fact that many of these devices are not designed with security in mind.

Many connected devices ship with inherent vulnerabilities. For example, according to research from Unit 42, 75% of infusion pumps have unpatched vulnerabilities.2 Over half (51%) of all X-Ray machines had a high severity CVE (CVE-2019-11687), with around 20% running an unsupported version of Windows.3

Unit 42 research also found that 83% of ultrasound, MRI, and CT scanners run on an end-of-life operating system.4 Those operating systems have known vulnerabilities that can potentially be exploited. Attackers are known to target vulnerable devices and then move laterally across the organization’s network to infect and damage the rest of a hospital network.

The impact of medical IoT device vulnerabilities is serious and potentially life-threatening. It’s not always easy and sometimes not even possible to update or patch some of these devices, either because doing so requires operational disruption of care delivery or due to a lack of computing capability of many types of devices. As a result, we’ve seen patient data exposed. We’ve seen hospital operations halted. While the attack potential is widespread, healthcare providers can take proactive steps to help minimize the vast majority of device-related security risks.

Four Necessary Steps to Improve Medical IoT Security

Among the challenges that medical facilities and health providers face is actually being aware of all the connected devices that are present. Visibility, however, isn’t the only thing that is needed to improve medical device security. In fact, there are four steps that can be taken to secure devices and reduce risk:

Ensure visibility and risk assessment of all connected medical and operational devices. The first step in securing IoT in healthcare is to know what’s there; you can’t secure what you can’t see. Device visibility isn’t enough—you have to be able to continuously assess the risk the devices and their evolving vulnerabilities pose to the network.Apply contextual network segmentation and least-privileged access controls. Knowing a device is present is useful. What’s more useful is understanding what network resources or information can be accessed by the device. That’s where network segmentation comes into play, creating and enforcing policies that limit device access to only the resources necessary for its intended use and nothing more.Continuously monitor device behavior and prevent known and unknown threats. As these devices communicate across clinical environments and with external networks and services, they ensure that you establish baseline behavior, monitor devices for anomalous behavior, and protect network-connected devices against threats such as malware.Simplify operations. In order to effectively manage and secure the sheer volume of devices on a healthcare network, providers require a solution that integrates with existing IT and security solutions to eliminate network blind spots, automate workflows, and reduce the burden of tedious manual processes for network administrators.

Better IoT Security Helps Ease Regulatory Compliance Challenges

Understandably, there are a lot of compliance requirements in healthcare. Healthcare compliance covers numerous areas like patient care, managed care contracting, Occupational Safety and Health Administration (OSHA), and Health Insurance Portability and Accountability Act (HIPAA) privacy and security, to name a few. Any attack that involves a patient system or medical IoT device is most likely a compliance breach, resulting in the loss of sensitive data or access to sensitive data from unauthorized entities. Limited IoMT visibility and risk assessment make it difficult to meet regulatory, audit, and HIPAA requirements. Having complete visibility into all devices and their utilization data reduces the burden of preparing for compliance audits and compiling compliance reports.

Implementing Zero Trust for Medical IoT

Humans place their trust in medical professionals to improve and sustain human health. Medical facilities rely on their technology to do the same. But trust should not be granted by default. It needs to be continuously monitored and validated. That’s where a Zero Trust approach comes into play.

Zero Trust, in very straightforward terms, is a cybersecurity strategy that seeks to eliminate implicit trust for any user, application, or device accessing an organization’s network. Zero Trust is not a product. For many customers, Zero Trust is a journey. For medical IoT security, Zero Trust starts from understanding several key things:

Who is the user of the device?What is the device?What is the device supposed to do?Is the device doing what it is designed for?

On a continuous basis, Zero Trust means monitoring devices and their behavior for threats, malware, and policy violations to help reduce the risk by validating every interaction.

Take the Zero Trust Path of Least Resistance to Improve Healthcare IoT

Healthcare IT and security teams are overburdened, so security implementation shouldn’t be onerous. Improving security for medical IoT devices shouldn’t require a forklift upgrade of hospital networks either.

Most healthcare providers already have network firewalls that act as enforcement points for Zero Trust device security. When you want to enable visibility, risk assessment, segmentation, least privilege policies, and threat prevention on the journey toward Zero Trust, it should be done with as little friction as possible. Machine learning (ML) can also dramatically accelerate policy configuration, which can be automated. If security becomes another big project that requires significant human effort, it has less chance of being successful. Security needs to be integrated, easy to deploy, and as automated as possible.

Medical IoT devices help to improve human healthcare every day. Just like humans need to do the right things to stay healthy, it’s essential for medical IoT devices to remain healthy too. Lives literally depend on it.

Recommended Reading

Learn more about Medical IoT Security.Read our whitepaper, The Right Approach to Zero Trust for Medical IoT Devices

 1. “Healthcare Seeks 60% YoY Increase in Cyberattacks,” HIPAA Journal, November 17, 2022,

2. Aveek Das, “Know Your Infusion Pump Vulnerabilities and Secure Your Healthcare Organization,” Unit 42, March 2, 2022,

3. Jun Du, Derick Liang, Aveek Das, “Windows XP, Server 2003 Source Code Leak Leaves IoT, OT Devices Vulnerable,” Unit 42, November 6, 2020,

4. Ibid.

IT Leadership

The new year brings familiar problems for cities around the world. Many countries are still facing a multitude of crises: climate change continues to accelerate, economies are under pressure, and consumers are coping with inflation and skyrocketing energy bills.

But a new year also brings a renewed sense of optimism and fresh focus. Innovators are constantly discovering new ways in which IoT technology can help address difficulties and solve a number of problems both immediately and in the long term.

Here are the top 5 IoT sustainability trends to look out for in 2023:

1. LEDification of public lighting

Switching traditional lighting to LED is not a new concept, but the immense energy-saving benefits continue to be either misunderstood or overlooked. Most people are now aware that LED lighting is more energy-efficient than conventional lighting – at least 50% more efficient, in fact – but the full potential of what can be achieved remains unrealized.

For a start, connecting LEDs and managing them via a software-based lighting management system increases energy savings up to 80%. Cities account for 78% of global energy consumption, with 40% of that being lighting related. If every city in the EU27 switched to energy-efficient connected LED, the member states would save enough energy to power 55 million electric cars every single year.

But energy savings are just one side of the coin. The scenario described above would generate cost savings of over €65 billion. Imagine how much good that money could do for families struggling to stay afloat.

These are lofty figures, and perhaps too big to fully comprehend. But even if you scale the scenarios down, the potential is too obvious to ignore. Switching all lighting to LED in a city of 200,000 inhabitants, for example, would prevent around 18,000 tons of CO2 from entering the atmosphere per year – roughly the amount of carbon sequestered in a year by 850,000 trees.

Switching to energy-efficient LED is truly the most immediate and significant impact you can make in the fight against climate change.

2. Increased funding opportunities for infrastructure projects

City budgets are tight. Whether it’s the strain of post-pandemic regeneration or the global impact of the war in Ukraine, many economies are at the breaking point. City decision-makers may have the ambition to develop and improve their infrastructure, but without funding it’s simply not viable.

Luckily, governments are starting to take action. Slowly but surely, funding programs are being established that promise to support infrastructure projects and help cities achieve the goal of becoming sustainable while at the same time improving the health and well-being of citizens.

Take the EU Green Deal, which pledges to make trillions of euros available for cities looking to enhance the energy efficiency of their public buildings, improve mobility, or create jobs for future generations. In the US, the 2022 Inflation Reduction Act (IRA) represents the single largest investment in climate and energy in American history, enabling America “to tackle the climate crisis and advance environmental justice.” The ASEAN Infrastructure Fund has been launched in Asia.

All of this means that as cities start to consider how they can modernise their infrastructure and explore IoT solutions to help in the fight against climate change, funding is one less barrier to overcome.

3. More accessible EV charging

The transportation industry has set itself the target of achieving carbon neutrality by 2050. It’s an ambitious goal, and one which appears even more daunting when you consider that 72% of all transport-related greenhouse gas emissions come from cars and trucks. There are billions of vehicles on the roads, so how do you radically reduce their emissions? By going electric.

EV adoption has picked up pace in recent years, but the scarcity of charging stations around cities and towns is a serious stumbling block. Consumers value convenience, and the uptake of EVs will stall if they make it more difficult to get from point A to point B than their gas-guzzling predecessors.

Where does IoT technology fit in? For a start, connected LED streetlights can be designed to serve as vertical digital assets for cities to deploy connected capabilities – from public broadband access points to EV charging points built directly into light poles. Electricity savings from both LED street lighting and smart buildings can help balance the increased electrical load, keeping costs low and avoiding the need for additional power generation.

4. Banning of conventional fluorescent lighting

The EU has passed legislation that prohibits the use of conventional fluorescent lighting. The ban has been a long time coming—not only are fluorescent bulbs outdated and inefficient, but they also contain harmful materials like phosphorus and mercury. With the ban comes into effect in early 2023, the shift to energy-efficient LED is set to accelerate even more than it has over the last two decades.

Sometimes doing the right thing is a matter of not having the choice to do the wrong thing. The paradox of choice theory states that rather than providing freedom, having too many options actually complicates the decision-making process and causes more stress in the long run. The EU’s banning of conventional fluorescent lighting has removed that choice from building owners and city decision makers, steering – or rather forcing – them to explore LED lighting as not just the better option, but the only option.

The anticipated surge in LED usage means increased opportunities for connected lighting and IoT solution providers, as thousands of businesses and cities look to retrofit their existing lighting.

5. The year of the smart city — finally?

It feels like we’ve been predicting the new era of smart cities for almost a decade, but is 2023 finally the time that IoT technology adoption in cities explodes?

Smart cities do not only focus on making life comfortable for people — they improve the social, environmental, and financial aspects of urban living. And as city populations grow, smart cities will become a key ingredient in improving sustainability and quality of life.

IoT and smart city technology is developing rapidly. But as with every high-growth market, regulation and certification often has had to play catch-up. Only relatively recently have industry-wide standards, best practices, and coordinated initiatives begun to mature. In tandem with a general increase in experience and expertise, it should now be easier to recognise what a smart city is – and, crucially, what it is not.

AIoT, the combination of AI technology with IoT infrastructure, is promising to accelerate things further. Right now, IoT infrastructure requires a level of human monitoring and management. Imagine how efficient our cities could run with AI pulling the strings. Smart city experts anticipate AIoT solutions to emerge for managing energy and other resource distribution, traffic and other public service management, waste management, and more —all in the near future.

Learn more about IoT systems for smart cities here.

Renewable Energy

For years, we’ve known that Internet of Things (IoT) devices can come under attack as quickly as within five minutes of being connected to the internet. These events predominantly include large-scale scanning techniques to exploit IoT devices that are vulnerable to basic attacks such as default credentials.

Historically, hackers have used these attacks to create a network of devices to perform a distributed denial-of-service (DDoS) attack; for example, Mirai Botnet. However, the more recent Verkada breach demonstrates the risks associated with devices that perform sensitive operations. While this might not directly present a security risk to companies utilizing IoT devices, the methods hackers used to exploit these devices should demonstrate the significant threat surface introduced by implementing IoT into any organization’s network.

Why it matters

The nature of the exploits being leveraged in recent ransomware attacks must be properly understood to ensure that the IoT devices the business is currently or planning to utilize in their infrastructure are secure. The OWASP Top 10 IoT list claims the number one issue with IoT devices is “weak, guessable, or hardcoded passwords,” demonstrating that not only are IoT devices becoming more prevalent in the industry but they are also being deployed with unacceptable network security measures.

As stated previously, the risk of IoT devices aiding in a DDoS attack on another business does not present an immediate risk to the IoT device consumer, but it could severely damage the reputation of any company that does not properly employ IoT cybersecurity controls to prevent a compromise of the devices on their network. Furthermore, the compromise of these devices can result in a variety of issues including, but not limited to, tampering with critical safety monitoring equipment; disruption to sensitive operations, such as manufacturing; or even a widespread attack on medical equipment on the shared network. In addition to the risks posed by compromised IoT devices, there continues to be regulatory guidance around securing devices and ensuring user privacy as evident in the recent U.S. Executive Order on Improving the Nation’s Cybersecurity.

What to do

Companies have a tremendous opportunity to incorporate IoT within their business to improve the efficiency of legacy processes, collect and operate on real-time data, and leverage the data collected to develop additional business process improvements, such as preventative maintenance. Considering all the benefits IoT has to offer, one can assume that IoT devices are not going away any time soon and will even start to become a market differentiator. So, what can be done to ensure IoT device vulnerabilities do not present a security threat to the network in which they are being deployed?

Conduct periodic device inventories: Device inventories should not only contain the type and quantity of devices, but should also include the hardware/firmware revisions, sensitive data being collected/processed, and the extent to which the device has network access. Additionally, the device should be evaluated against a list of known vulnerabilities to enable quick action if a vulnerability is discovered with a particular device.Network segmentation: The information gained from the device inventory helps demonstrate the extent of each device’s enterprise network access and potential segmentation. This data will allow users to begin to isolate critical infrastructure to prevent impact if a simple device were to be compromised. For example, any IoT device being utilized to monitor and ensure the safe operation of machinery should be isolated from a basic connected device such as a thermostat. These seemingly innocuous devices can be catastrophic to critical infrastructure if an insecure device is compromised and a threat vector is introduced to the broader ecosystem.Request device security documentation: Prior to procuring IoT devices, as well as throughout the device lifecycle, companies should feel empowered to consult the device manufacturers on the security posture of the devices being deployed onto your enterprise network. An OEM will likely not be willing or able to provide a full penetration test report considering the sensitive nature of the material, but in most cases will be able to provide proof of a third-party review in addition to the network security controls they employ by default. If security testing information cannot be provided by the OEM and the terms and conditions allow, the purchasing body should conduct penetration testing on the device independently.Managed solutions: There is an emerging market for tools designed to streamline the procedures outlined above. Companies should evaluate the use of managed solutions to dynamically conduct device inventory and monitor the security of the devices in real-time.

IoT devices provide significant benefits to businesses that are looking to improve their operations by implementing connected devices. However, the current state of IoT security is sub-par, to say the least. Before introducing IoT devices into a network, companies should evaluate the devices’ security, data collection practices, and network exposure. Additionally, the monitoring of IoT devices on a network is an ongoing process that should be evaluated continuously to stay up to date with the latest IoT risks and mitigations.

Learn more about Protiviti IoT services.

Connect with the authors:

Christine Livingston

Managing Director – Emerging Technologies, Protiviti

Matthew Freilich

Associate Director – Emerging Technologies, Protiviti

Caleb Davis

Senior Manager – Emerging Technologies, Protiviti


What you need to know about IoT in enterprise and education  

In an era of data driven insights and automation, few technologies have the power to supercharge and empower decision makers like that of the Internet of Things (IoT).  

As the adoption of IoT devices is expected to reach 24.1 billion by 2030, forward-thinking organisations and higher education institutions are realising that IoT technologies are providing access to insights and making things possible now that were too expensive or difficult just a few years ago.  

Sustainability and smart energy management are emerging as important IoT use cases, offering organisations real-time power usage monitoring and predictive analytics to reduce energy spending.  

In the future, IoT will play a critical role in enabling organisations to fulfil their ESG goals and demonstrate compliance to movements such as B Corp and the Climate Pledge

The potential use cases for enterprise users  

Futhermore, the potential use cases for IoT goes well beyond the confines of sustainability. For instance, organisations can even go as far as monitoring the air quality of spaces, to support the health and wellbeing of building occupants. 

Decision makers and facility managers also have the ability to monitor environmental factors like CO2 levels, which are known to impair cognitive function.  

IoT devices also can be used more broadly to help leverage maximum value from assets, by optimising room occupancy and utilisation, or tracking the location and usage of high value assets.  

Together these tools can help reduce carbon emissions, optimise processes and asset maintenance, and enable organisations to better comply with sustainability regulations and meet long-term green and operational goals.  

It is these widespread use cases that are contributing to the growth of the IoT market as a whole, which analysts predict will increase from a value of $384.70 billion in 2021, with some estimates putting the expected  value as high as  $2,465.26 billion by 2029. But it’s not just the commercial sector that can reap the rewards of IoT.  

How IoT can help education providers  

While IoT adoption in the education industry is in its infancy, these distributed devices have the potential to provide detailed operational insights and automation capabilities the same way they already do in commercial environments.  

Once again, the most potent use case of IoT devices is in supporting sustainability initiatives, enabling institutions to cut energy costs, optimise resource usage for water and gas, and meet their green goals.  

It also enables them to enhance their operations through enhancing the occupancy of classrooms, and monitoring learning environments for comfort, health and safety concerns, influencing factors like light, VOC, CO2, and sound, to ensure that students are in an ideal position to learn.  

Green Custard’s role in the IoT market  

One of the providers paving the way for the ongoing IoT revolution is Green Custard, a UK-based cloud native professional services company providing bespoke IoT solutions to organisations across the commercial, educational, and public sectors.  

Green Custard is also an Amazon Web Services (AWS) Advanced Tier partner, and one of a small number who specialise solely in IoT deployment and management.  

Leveraging AWS, Green Custard help to deliver products and services across IoT, edge, embedded, infrastructure, data analytics, mobile, and web applications with the necessary best practices, to help decision makers bring their green visions to life.  

For more information click here to find out how Green Custard can help your organisation. 

Education Industry

By George Trujillo, principal data strategist, DataStax; and Ara Bederjikian, president, Titanium Intelligent Solutions

Internet of Things (IoT) data can pour in from pretty much everywhere, be it from sensors that monitor air quality in a building, intelligent devices in a smart city, or mobile apps with an augmented reality overlay to enhance a live sporting event. IoT is embedded in our everyday lives with fitness trackers, Uber eats, Lyft, delivery tracking, security cameras, and smart thermostats. The exponential growth of IoT is providing other industries with a view of the potential growth of real-time data ecosystems.

Gathering and extracting value in real-time from diverse data generated by a very wide range of devices and other hardware poses a unique array of challenges, in both interoperability and scalability. IoT sensors, actuators, networks, and data and analytics platforms bring together the physical and digital world—and that isn’t easy.

New York-based Titanium Intelligent Solutions set out to build a global SaaS IoT platform that could handle these challenges. Doing so required a foundational, modern data technology stack that was flexible enough to support a wide range of IoT use cases in a scalable way, across geographies and across clouds. Here we’ll walk through the vision that drove Titanium’s success and an example of how Titanium put it to work.

Today’s real-time data stack

The demand for analytics and AI insights from high-growth applications, IoT devices, B2B transactions, multi-access edge computing, mobile devices, smart buildings and cities, and augmented or virtual reality is accelerating changes in data and infrastructure strategies. Organizations across industries are racing to leverage new ways to monetize the information that moves through streams of real-time data produced by all these devices and use cases. 

In a recent report, analyst firm McKinsey found that by 2030, the IoT industry could enable $5.5 trillion to $12.6 trillion in value globally, including the value captured by consumers and customers of IoT products and services.

The need to handle this wide variety of fast-moving, high-volume data has made operational resiliency, rapid growth across geographic regions, and elevating the customer experience table stakes.

Industry challenges for a real-time data stack

The gap between data-driven organizations and those striving to be data-driven is widening. A key element of success for the former: tight alignment between the business and IT. But this isn’t easy, and very few organizations achieve true alignment between technology leaders and business units. The VPs of software engineering, data warehousing, data science, data engineering, and databases often have their own preferences, technical debt, and technologies they prefer to work with. Add the cloud strategy to the application, data, and analytics strategies, and organizations end up with ecosystems that have grown into a wide variety of siloed technologies that all speak different languages. The complexity in these disparate ecosystems negatively impacts security, governance, analytics, and the value of data. A lack of alignment on the vision and enterprise-wide execution strategy is why many organizations struggle to be data driven in ways that will increase both business growth and revenue.

A vision for a real-time data ecosystem

Titanium created a vision for a real-time data ecosystem that incorporated leading-edge principles of a data stack for solving IoT data challenges. Titanium’s SaaS IoT platform delivers low latency, bi-directional communication, security at every link in the data chain, real-time data, historical data, and scalability. With a real-time data ecosystem, Titanium provides data necessary for ESG (environmental, social, and governance) reporting, analytics, operational management, artificial intelligence, and automation.

The company turned to the open-source NoSQL database Apache Cassandra®, which is known for its rock-solid performance, scalability, and reliability. For enhanced security and scalability, Titanium worked with DataStax to use their managed database service Astra DB, built on Cassandra. Astra DB’s multi-data model, multi-cloud, and multi-use case capabilities help Titanium focus on delivering customer value versus having to support a complex data ecosystem. 

Data interoperability requires seamless collaboration for data integration and correlation across business units, so Titanium built a unified IoT and IT network offering that increased efficiency and control—for itself and for its customers. Because the data is in the cloud, it’s accessible for a variety of uses while meeting security and privacy requirements.

Titanium also provides information that isn’t typically found in building automation systems,  including heating degree days and cooling degree days, climate zones, and more. These metrics can be relevant to ESG reporting—and it further enhances cross-departmental use. The ESG real-time dashboard is used by building managers to monitor and analyze building performance, while corporate ESG teams can use the data to meet sustainability goals. This increases the value of data across customer business units and regions.

Case study: Scaling a climate control system nationwide

In general, IoT companies focus on delivering functionality for building services with hardware solutions. Hardware solutions are often closed-loop systems that require the end user to use proprietary hardware, locking the customer in for the life of the product; this can have a significant impact on the speed and business benefits of integrating with other devices. As a result, industry IoT platforms often have fixed, limited functionality. IoT companies often lack interoperability and scalability, making it difficult to scale seamlessly across many locations and regions.   

Titanium sought to build a scalable, interoperable cloud-based data stack through a partnership with DataStax. The company’s SaaS platform required the flexibility to support customer operating models across different geographical regions. Standardizing on a streamlined, multi-model, multi-purpose data ecosystem was important to reduce data integration complexity and change management time to deliver faster business value from real-time data. The ability to supply customers with analytics and AI capabilities was a critical part of the data ecosystem design.

Titanium’s global cloud IoT platform required a high-speed database to support future growth in volume and velocity across geographical regions for the growing IoT industry. Low latency for real-time data was also essential for automation; time delays could result in making automated decisions that were outdated. Latency makes automation very challenging, if not impossible. People are used to manually flipping a switch to turn lights off – with no delay. A delayed response would be a roadblock to people using a cloud-based platform. 

Low latency for real-time data is also essential for when operating across multiple locations. If changes are made in various locations by different people, or if simultaneous automated actions and communications are delayed, it can be frustrating, and even lead to incorrect actions. A global real-time data platform requires multiple locations to work as one seamless data ecosystem with low latency being a priority. 

Using AI, Titanium can route data based on the strongest signal strength to ensure uninterruptible communication. IoT data feeds AI models; AI can identify hardware devices and commission them in the platform. This can be done remotely, eliminating a person physically at the location to manually commission devices. Predictive maintenance is also used to identify devices that are perpetually running or have not been active, indicating a performance issue.

Titanium also offers a sophisticated ESG dashboard that provides user-friendly advanced analytics. For example, it enables the comparison of multiple metrics to identify drivers such as CO2 levels, which can indicate insufficient ventilation.

A nationwide distribution company customer approached Titanium with the need to design a scalable climate control platform with a wide range of operating capabilities. Their distribution centers range from 500,000 to a million square feet and are in over 40 different states in the U.S. The company didn’t have a centralized, remote way to access its building functions in distribution centers across the U.S. 

The customer was looking for a centralized climate control system that could be measured, controlled, and monitored with real time data and analytics in addition to ESG reporting with predictive AI-based maintenance. In addition, given the lack of visibility to their assets, it was preventing them from adding corporate governance to save energy and reduce its carbon footprint by measuring real-time energy consumption and reporting the data into one dashboard. 

Titanium offered the company an interoperable platform with remote, single-user access for all their climate control operations. A design focus on data integration made it simple to manage all climate control systems in 50 distribution centers from one real-time dashboard. Titanium’s solution easily across their customer’s locations, saving the customer at least 15% in energy costs. The Titanium cloud-based platform helped eliminate siloed data, providing greater cross-departmental use and strengthening corporate governance.

An aligned vision

The IoT industry is continually evolving to support a wide range of use cases and operating models. Having a vision that aligns business and IT leaders on an execution strategy is key to building a data operating model that drives business revenue and growth. Building a streamlined, trusted, and reliable data ecosystem is the foundation for delivering analytics and AI results at the speed Titanium customers need for increasing business growth and revenue.

Learn more about DataStax here.

IoT Platforms, IT Leadership

After highly publicized accidents and fatalities, most municipal IT execs are waiting for autonomous vehicles to be proven safe beyond any doubt before building next-generation roadways and edge infrastructure for their cities and towns.

Not Michael Sherwood, CIO of the City of Las Vegas. He is moving full steam ahead to attract more visitors and shape Las Vegas into America’s city of the future.

“Las Vegas is thriving to bring tourism back. The single greatest thing we can do is provide the foundation for some of the most advanced technologies here, one of them being the connected roadway,” Sherwood says.

To date, Sherwood’s IT department has installed more than 150 intersections with advanced internet of things (IoT) equipment along the Las Vegas strip, in a small number of adjacent streets, and from the airport to Fremont Street. The CIO is working with several autonomous vehicle manufacturers, such as Motional, Amazon Zoox, and Halo, as well as the Kaptyn private car service for its electric vehicle (EV) fleet and Cisco for its connected roadway infrastructure and 5G wireless backbone.

“While the vehicle has a bunch of technology, our roadway has a bunch of technology as well,” says Sherwood, who dubs it the city’s traffic ecosystem. “We use technology to communicate to the vehicle, which can read lights, but now we can send data to the vehicle telling them when the light is going to change.”

In addition to the plethora of IoT sensors for collecting data, the intersections are equipped with connected traffic controllers and pre-emptive emergency vehicle signals that emit data to routers and ultra-fast wireless backhauls over fiber or 5G networks and then on to the city’s IoT hub. The city also equips the roadway with dynamic messaging signs for weather emergencies or important bulletins.

A two-way street

This bidirectional communication enabled by the city’s connected roadway and its multicloud infrastructure makes Las Vegas unique, Sherwood says. The city and some portions of Clark County are capable of both retrieving data from autonomous vehicles and the roadway and transmitting data back to autonomous vehicles, as well as to certain models of automobiles that have built-in dedicated short-range communications (DSRC), the CIO says.

Michael Sherwood, CIO, City of Las Vegas

City of Las Vegas

“We have over 74 autonomous taxis that are currently operating in Las Vegas and you can use the Lyft app and hail an autonomous vehicle,” the CIO says. “That autonomous vehicle actually drives in mixed-flow traffic, meaning along with you and I as we’re driving,” says Sherwood, adding that a human driver is always a co-pilot in each autonomous vehicle.

Las Vegas has also deployed robo-taxis with vehicle partner Halo designed to swiftly move tourists from McCarron Airport to their hotels on arrival, eliminating the need for hailing taxis or renting cars.

“You get to the airport, go outside, and the vehicle is just waiting for you,” Sherwood notes. “No one is inside. You get in, drive it around, leave it at your hotel and then Halo connects to the vehicle remotely and drives it back for you.”

Sherwood says several other vehicle manufacturers are conducting tests of the city’s IoT infrastructure, but acknowledges the era of autonomous vehicles is still in its infancy, particularly since the autonomous vehicles driven today in Las Vegas have human co-pilots. Still, the connected infrastructure embedded in the city is delivering speedier transportation as well as increased safety and environmental benefits, he says.

“It doesn’t sound too exciting, but people are able to get from A to B more in a prompt fashion. We are reducing carbon emissions. We are reducing traffic congestion,” Sherwood says. “Kaptyn EV vehicles also have the ability to connect into this system and we’re looking to provide data to bicyclists and pedestrians … a diversity of vehicles, types of transportation, and different communities.”

Safety comes first for Sherwood, and he insists that all autonomous vehicles on the roadways in Las Vegas have human co-pilots in case of a technical mishap. Still, he is eyeing the leaps made by autonomous vehicle manufacturers and says he will not shy away from the risks once he gets the green light from inspectors.

The tech driving Las Vegas

Sherwood knows how important technology can be to speeding up Las Vegas’ reputation as a top destination in the bumpy aftermath of a pandemic that brought tourism to a halt.

Critical to the connected roadway are the 150 new intersection devices the city has installed that incorporate far more than red, yellow, and green lights. Modern autonomous vehicles likewise have an abundance of IoT sensor data, such as temperature and speed, as well as cameras, video, and timers embedded within them can be, if activated, sent to the city’s cloud for monitoring.

The city’s IoT network, which runs on a multicloud infrastructure, includes cameras, air-quality sensors and LiDAR sensors, which collect 3D data about people and traffic count, as well as distance and range readings from one vehicle to another.

The city’s Cisco-based LiDAR detection can also detect wrong-way drivers and oncoming vehicles, issue e-tickets, and warn construction workers and pedestrians about a speeding vehicle heading their way. Police and fire vehicles will also be able to tap into the data dashboard to alert vehicles on the road of the time of their approach and to turn intersection lights to red to help prevent collisions.

5G is another key factor that will drive more use of autonomous vehicles, Sherwood acknowledges. Currently, only about 20% of 5G wireless networking is rolled out in the US today. As that increases, especially in urban areas, the innovations and capabilities that will be developed will be “phenomenal,” Sherwood claims.

Analyst Sandeep Mukunda, research manager for digital automotive and transportation strategies at IDC, says Las Vegas is not the only city engaged in connected roadways. Miami, Detroit, San Francisco, and Phoenix are also conducting “trial and error” pilots of autonomous vehicles using connected roadway technologies, says Mukunda, who sees safety as a primary benefit, especially as police and fire departments tie into connected roadways to optimize their response to emergencies.

Still, Mukunda says pilots are very early in the process and does not expect autonomous vehicles to be fully operational until 2030. “This is in the very, very initial stages of production. There will be a lot of trial and errors,” he says.

Beyond autonomous vehicles

The city’s investment in 5G and IoT isn’t all about autonomous vehicles and tourism. It will also benefit residents of Las Vegas, helping the community with workforce development, education, maintenance, and energy conservation, Sherwood says. For instance, Las Vegas’ IT staff is employing IoT sensors to collect data to determine the ideal times, such as when parks are least populated, to send out cleanup crews and perform maintenance.

IoT sensors, Sherwood says, also constantly monitor water usage — a critical data metric for Las Vegas. “We live in a desert,” Sherwood says. “We need to save and conserve water. It’s so important now to have that type of data that we never had before.”

While the CIO acknowledges that Las Vegas’ transformation into the city of the future is still in its infancy, private entities — modern hotels, casinos, and entertainment venues — are also getting in on the act. The pandemic accelerated the deployment of basic IoT equipment such as keyless check-in and automated cleaning devices at several hotels, and there is even a robotic bartender at Planet Hollywood’s Tipsy Robot bar, Sherwood quips.

Notably, The Boring Company has been operating a trial Tesla EV “subway-like” transportation system under the Las Vegas Convention Center for more than a year. The company recently received approval from the Las Vegas City Council to expand this transport to select hotels and casinos and, eventually, to the airport, Sherwood expects.

The Wynn and Encore hotels have been granted approvals for Boring’s underground stations and “it’s now been approved to come to downtown Las Vegas, and it will hit the Circa, which is our brand-new casino,” the CIO says. “Over time, it will expand to most of the casinos.”

In the meantime, Sherwood and the City of Las Vegas will continue to expand its connected roadway with partners, incorporating more innovative sensors and devices to deliver a range of data to the city’s cloud.

“We build the infrastructure,” Sherwood says. “This is a big game.”

Cloud Computing, Government IT, Internet of Things

Based on actual users’ experience with IoT platforms, here are the leading features and functionalities potential users should be looking for.

Article published on NetworkWorld by , Contributor, Jan 16, 2018

As an IoT platform and middleware analyst, I am asked constantly about the benefits of IoT platforms and “what makes a great IoT platform.” In response, I often ask these curious inquirers if they’ve ever used IoT platforms themselves. Walking on the edge is exhilarating, but having hands-on insights, data and expertise on how to survive the journey is even better.

What do users actually experience when they use IoT edge platforms?

IoT edge computing is a technology architecture that brings certain computational and analytics capabilities near the point of data generation. IoT edge platforms provide the management capabilities required to deliver data from IoT devices to applications while ensuring that devices are properly managed over their lifetimes. Enterprises use edge platforms for factory automation, warehousing/logistics, connected retail, connected mining and many other solutions. With IoT platform revenue slated to grow to USD63.4 billion by 2026, IoT edge is one of the most highly relied upon enterprise IoT platform approaches.

Enterprises spend a tremendous amount of time completing edge-related IoT platform activities. According to hands-on tests of IoT platforms in MachNation’s IoT Test Environment (MIT-E), the majority of an enterprise user’s edge-related time is spent creating visualizations to gain insight from IoT data. 35% of a user’s time is spent creating dashboards with filtered alerts. And a combined 16% of a user’s time is spent viewing sensor data for an individual device (8%) or a group of devices (8%). Data from an IoT platform are critically important, so the ability to assemble dashboard sensor data and alerts are key – expect to spend a lot of time doing it.

Since the edge is critical for enterprises deploying IoT solutions, we’ve identified the top five user requirements of IoT edge platforms, based on IoT platform users’ experiences with these platforms.

1. Pick a platform with extensive protocol support for data ingestion

To seamlessly bring data from devices into the edge platform, enterprises should choose leading IoT platforms that support an extensive mix of protocols for data ingestion. The list of protocols for industrial-minded edge platforms generally includes brownfield deployment staples such as OPC-UA, BACNET and MODBUS as well as more current ones such as ZeroMQ, Zigbee, BLE and Thread. Equally as important, the platform must be modular in its support for protocols, allowing customization of existing and development of new means of asset communications.

2. Ensure the platform has robust capability for offline functionality

To ensure that the edge platform works when connectivity is down or limited, enterprises should choose leading IoT edge platforms that provide capabilities in four functional areas. First, edge systems need to offer data normalization to successfully clean noisy sensor data. Second, these systems must offer storage to support intermittent, unreliable or limited connectivity between the edge and the cloud. Third, an edge system needs a flexible event processing engine at the edge making it possible to generate insight from machine data when connectivity is constrained. Fourth, an IoT edge-enabled platform should integrate with systems including ERP, MES, inventory management and supply chain management to help ensure business continuity and access to real-time machine data.

3. Make sure the platform provides cloud-based orchestration to support device lifecycle management

To make sure that the edge platform offers highly secure device management, enterprises should select IoT platforms that offer cloud-based orchestration for provisioning, monitoring and updating of connected assets. Leading IoT platforms provide factory provisioning capabilities for IoT devices. These API-based interactions allow a device to be preloaded with certificates, keys, edge applications and an initial configuration before it is shipped to the customer. In addition, platforms should monitor the device using a stream of machine and operational data that can be selectively synced with cloud instances. Finally, an IoT platform should push updates over-the-air to edge applications, the platform itself, gateway OSs, device drivers and devices connected to a gateway.

4. The platform needs a hardware-agnostic scalable architecture

Since there are tens of thousands of device types in the world, enterprises should select IoT platforms that are capable of running on a wide range of gateways and specialized devices. And these platforms should employ the same software stack at the edge and in the cloud allowing a seamless allocation of resources. Platforms should support IoT hardware powered by chips that use ARM-, x86-, and MIPS-based architectures. Using containerization technologies and native cross-compilation, the platforms offer a hardware-agnostic approach that makes it possible to deploy the same set of functionalities across a varied set of IoT hardware without modifications.

5. Comprehensive analytics and visualization tools make a big difference

As we’ve already discussed enterprises should choose IoT platforms that offer out-of-the-box capabilities to aggregate data, run common statistical analyses and visualize data. These platforms should make it easy to integrate leading analytics toolsets and use them to supplement or replace built-in functionality. Different IoT platform users will require different analyses and visualization capabilities. For example, a plant manager and a machine worker will want to access interactive dashboards that deliver useful information and relevant controls for each of their respective roles. Having flexibility in analytics and visualization capabilities will be essential for enterprises as they develop IoT solutions for their multiple business units and operations teams.

Enterprises worldwide are using IoT to increase security, improve productivity, provide higher levels of service and reduce maintenance costs. As they seek to adopt IoT solutions to improve their critical business processes, they should conduct hands-on usability tests to understand edge platform capabilities. Keep watching as more and more enterprises start walking on the edge.

It may be time for the U.S. government to step in to coordinate security standards across all the players that participate in creating the internet of things, Frost & Sullivan says

Article published on NetworkWorld by , Senior Writer, Jan 15, 2018

Thanks to the Mirai botnet attacks, few people in the world of tech need a reminder that IoT devices remain a serious threat to enterprise networks. Still, more than a year after the botnet made headlines worldwide, IoT security remains mostly an idea, rather than a reality.

Such is the scope of the problem that Frost and Sullivan IoT research director Dilip Sarangan argues for governmental intervention. Sarangan says that, because the responsibility for IoT security is diffused across device manufacturers, network providers, software developers and many others, it’s difficult for the industry to make progress on all-encompassing standards.

“The only entity that has the ability to actually dictate what the minimum threshold is, unfortunately, is the U.S. government,” he said.

The difficulty in creating overarching standards mostly has to do with the fact that any given IoT implementation has a large number of moving parts, each of which may be administered by different organizations, or even by third parties. For example, a set of medical devices provided by company A connecting to a network provided by company B, running an application, originally written by company C and residing in company D’s cloud.

“Everyone talks about it like they’re going to provide end-to-end security, and there’s actually no way to do that,” said Sarangan. “You have no control over a lot of parts of an IoT solution.”

Network visibility

From the networking side, Sarangan said, there are plusses and minuses to most of the options available to any given IoT implementation. Cellular networks, for example, tend to be a lot more secure than Wi-Fi, ZigBee or the other wide-area options, but a company will probably have much more limited visibility into what’s happening on that network.

That, in and of itself, can be a security issue, and it’s imperative for the carriers to provide more robust device management features in the future.

“What type of device it is, what type of information it’s supposed to send, where it’s supposed to send the data, what you are supposed to do with that data – until you know all of that, it’s hard to be completely secure,” said Sarangan.

Improved network visibility is key to preventing worst-case scenarios like malicious actors accessing power grids and Internet infrastructure, but so are common-sense measures like air gaps.

“You have the hacks happening, but the hacks haven’t been significant enough to where you’d worry about it,” he said. “The other side of it is that a lot of critical infrastructure – let’s say a smart grid – is on private networks.”

A sea of IoT devices

A lack of quality control and the presence of a host of very old devices on IoT networks might be the most critical security threats, however. Decades-old hardware, which may not have been designed to be connected to the Internet in the first place, let alone stand up to modern-day security threats, creates a serious issue.

“You have over 10 billion IoT devices out there already … and a lot of these devices were created in 1992,” noted Sarangan.

Moreover, the huge number of companies making IoT-enabled hardware makes for a potentially serious problem where quality control is concerned. Big companies like Amazon and Microsoft and Google make headlines for their smart home gizmos, but the world of IoT is a lot broader than that.

China, in particular, is a major source of lower-end IoT devices – speakers, trackers, refrigerators, bike locks and so on – and it’s not just the Huaweis and Xiaomis of the world providing the hardware.

“[There are] hundreds of mom-and-pop shops out there developing hardware that we don’t necessarily know whether to trust or not – these are devices that are getting on unsecured Wi-Fi networks,” said Sarangan. “That’s already a security threat, and a large portion of Americans don’t actually protect their routers.”

Indeed, hidden backdoors have already been found on some such devices, according to The Register.

Article written by Brian Krebs, published on KrebsOnSecurity the 18th Jan. 2018

Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured “Internet of Things” or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which most consumers probably wouldn’t begin to know how to secure, IoT encompasses everything from security cameras, routers and digital video recorders to printers, wearable devices and “smart” lightbulbs.

Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.

-Rule #1: Avoid connecting your devices directly to the Internet — either without a firewall or in front it, by poking holes in your firewall so you can access them remotely. Putting your devices in front of your firewall is generally a bad idea because many IoT products were simply not designed with security in mind and making these things accessible over the public Internet could invite attackers into your network. If you have a router, chances are it also comes with a built-in firewall. Keep your IoT devices behind the firewall as best you can.

-Rule #2: If you can, change the thing’s default credentials to a complex password that only you will know and can remember. And if you do happen to forget the password, it’s not the end of the world: Most devices have a recessed reset switch that can be used to restore to the thing to its factory-default settings (and credentials). Here’s some advice on picking better ones.

I say “if you can,” at the beginning of Rule #2 because very often IoT devices — particularly security cameras and DVRs — are so poorly designed from a security perspective that even changing the default password to the thing’s built-in Web interface does nothing to prevent the things from being reachable and vulnerable once connected to the Internet.

Also, many of these devices are found to have hidden, undocumented “backdoor” accounts that attackers can use to remotely control the devices. That’s why Rule #1 is so important.

-Rule #3: Update the firmware. Hardware vendors sometimes make available security updates for the software that powers their consumer devices (known as “firmware). It’s a good idea to visit the vendor’s Web site and check for any firmware updates before putting your IoT things to use, and to check back periodically for any new updates.

-Rule #4: Check the defaults, and make sure features you may not want or need like UPnP (Universal Plug and Play — which can easily poke holes in your firewall without you knowing it) — are disabled.

Want to know if something has poked a hole in your router’s firewall? Censys has a decent scanner that may give you clues about any cracks in your firewall. Browse to, then cut and paste the resulting address into the text box at, select “IPv4 hosts” from the drop-down menu, and hit “search.”

If that sounds too complicated (or if your ISP’s addresses are on Censys’s blacklist) check out Steve Gibson‘s Shield’s Up page, which features a point-and-click tool that can give you information about which network doorways or “ports” may be open or exposed on your network. A quick Internet search on exposed port number(s) can often yield useful results indicating which of your devices may have poked a hole.

If you run antivirus software on your computer, consider upgrading to a “network security” or “Internet security” version of these products, which ship with more full-featured software firewalls that can make it easier to block traffic going into and out of specific ports.

Alternatively, Glasswire is a useful tool that offers a full-featured firewall as well as the ability to tell which of your applications and devices are using the most bandwidth on your network. Glasswire recently came in handy to help me determine which application was using gigabytes worth of bandwidth each day (it turned out to be a version of Amazon Music’s software client that had a glitchy updater).

-Rule #5: Avoid IoT devices that advertise Peer-to-Peer (P2P) capabilities built-in. P2P IoT devices are notoriously difficult to secure, and research has repeatedly shown that they can be reachable even through a firewall remotely over the Internet because they’re configured to continuously find ways to connect to a global, shared network so that people can access them remotely. For examples of this, see previous stories here, including This is Why People Fear the Internet of Things, and Researchers Find Fresh Fodder for IoT Attack Cannons.

-Rule #6: Consider the cost. Bear in mind that when it comes to IoT devices, cheaper usually is not better. There is no direct correlation between price and security, but history has shown the devices that tend to be toward the lower end of the price ranges for their class tend to have the most vulnerabilities and backdoors, with the least amount of vendor upkeep or support.

In the wake of last month’s guilty pleas by several individuals who created Mirai — one of the biggest IoT malware threats ever — the U.S. Justice Department released a series of tips on securing IoT devices.

One final note by the author (Krebs): I realize that the people who probably need to be reading these tips the most likely won’t ever know they need to care enough to act on them. But at least by taking proactive steps, you can reduce the likelihood that your IoT things will contribute to the global IoT security problem.