We’ve all heard of ICS or Industrial Control Systems, but in light of the direction we’re heading with the IoT, I suggest that these devices should be called Personal Control Systems. True, in the ICS world, the controls are what actually drive and control those systems, but I feel that we are moving towards that reality in our own personal devices and the ‘control’ that they are exerting over our lives. Now this is not something that’s mandated for us to function every day, but we are increasingly letting ourselves become dependent on these systems, so it’s not that much of a stretch.

I debated about the acronym of PCS, considering People Control Systems, or Systems Controlling People, but the truth of the matter is, we accept and subscribe to this system and, by and large, pay for this convenience and willingly give up our personal control, but for what? The simple answer is, we do it because it helps us manage our lives and surroundings in a more efficient manner, at least that’s how we rationalize the decisions we make to give up all of the information we mostly pay to give away, to people that only want to profit from said information.

Interestingly enough, the people in the ICS world have to pay large sums of money  for control systems that they need to keep their processes running as efficiently as they were designed, and security is largely left up to the firms that purchase these systems. This is pretty much the same business model that is being used in the consumer arena, with one small caveat, most people don’t have an internal security team, or even the wherewithal to even begin to understand how to protect themselves from the unsecure products they are being peddled. At least in the ICS world, they know what they are getting and most firms usually have a plan in place to help mitigate this security threat in some manner or another. But don’t feel bad, even the people that know and even in some case have exploited a lot of these technologies, still have them in their homes and network environments. True, a lot of these same people understand the risks and take precautions to minimize those risk, but they still use the same products as average people.

Unlike PCS, the people that work with ICS systems are united in crying out for more secure and robust out of the box products, but even in their unity, they are still at a disadvantage in many cases because, for many reasons, there is not as much competition in the ICS world, and therefore no incentive for manufacturers to listen to any of their customers about security. As long as their products work as intended, that is really their only goal, everything else is secondary.

Quite the opposite is true for the PCS world, in fact, there is competition galore in the consumer electronics markets, but, unlike ICS, there is no unity of users to demand security from the makers of the myriad of wares being pushed on the general population, and therefore, the outcome is the same. As long as products work, there need for manufacturers to worry too much about security. To be fair, some manufacturers do make some attempts at security, which is better than nothing, but more could be done, at relatively little cost, if only someone cared.

#################################################################

So what does this say about the state of things in the present PCS world? It’s says that we all accept the risks, sign off on the Terms of Service agreements and complain that our security and privacy are being invaded by the government and all those evil corporations out there, even though we choose to let this happen out of our own free will. Not really an environment screaming for more secure products, and therefore, no change will come if we all just accept the current reality and go about our lives. So the only real fix for this problem, without massive change, is to just say no to the PCS world until security is taken more seriously, but we all know that will never happen since we’re all willingly under their control…