Recent meetings on Capitol Hill about the Internet of Things (IoT) haven’t yet garnered major mainstream media coverage. But they may represent a pivotal turning point in the trajectory of IoT and Industrial Internet of Things (IIoT) technology.

On May 22, the House Energy & Commerce Committee's Digital Subcommittee convened to discuss what role the government should play in removing barriers to IoT expansion – while ensuring the safety and security of the nation’s networks.

The backdrop for the meeting was the growth in IoT adoption to date – and explosive potential of IoT as a future economic driver. The house hearing background memo pointed out that by 2020, annual revenue for IoT vendors of hardware and software could reach nearly $500 billion. And IoT is predicted to have a total economic impact of $11.1 trillion dollars by 2025.

Technical leaders working at IoT and IIoT-powered enterprises have experienced this growth from the data side. While the rate of overall data growth is astronomical – total data volume is doubling every two years – data generated from machines (servers, sensors, industrial equipment, and connected devices) is expected to grow at 50x the overall growth rate.

IoT and IIoT data are already being used across industries as diverse as manufacturing, healthcare, and consumer products to fuel industrial optimization, forecast demand, manage supply chains, and personalize customer experiences. According to recent research, 51% of companies that have adopted IoT technology claim that it is increasing revenue or opening up new revenue streams, while those focused on cost cutting have seen an average 20% reduction in costs.

It’s clear that while IoT and IIoT are still early in the adoption curve, they will fundamentally reshape the economy.

But security-oriented regulation isn’t keeping pace. Washington hasn’t introduced a comprehensive set of legislation designed to enforce device and network safety standards, and Forrester predicts that IoT security gap will only continue to grow in 2018.

There are numerous documented vulnerabilities across the IoT and IIoT ecosystem that represent potential security threats:

• Device: IoT devices themselves often are often protected by poor or non-existent security. Experts recommend endpoint hardening through a layered approach designed to protect the device and its data from unauthorized use.

• Network: Companies often don’t take the steps needed to secure the networks they use for IoT and IIoT; the IEEE advises strong user authentication, secure protocols/access control mechanisms, and network segmentation.

• Data: Lastly, the data collected and transmitted by IoT devices may be highly sensitive in nature (including commercially actionable or even personally identifiable information) – and as such, should be subject to the highest levels of protection. Application and user data should be encrypted both in-flight and at-rest, and user roles should be .

So what do these security challenges – and the likely embrace of greater governmental regulation (or voluntary self-regulation) of IoT and IIoT technology – mean for technical leaders shaping their enterprise’s big data roadmap?

Fundamentally, any data ingestion technology must be architected with data security as one of its guiding principles. This is especially a concern for organizations taking on in-house implementations of open source frameworks like Apache Spark: these open source frameworks, while powerful, are far from enterprise-grade in terms of their built-in security support and tooling.

In contrast, organizations working with IoT or IIoT data should expect any vendor powering data in motion to offer – out of the box – a robust suite of security features including fine-grained definition of access rights for every source, end-to-end encryption of the data according to the highest industry standards, and role-based access rights on a per pipeline basis.

These foundational security investments for data in motion will be the new table stakes in the coming era of IoT and IIoT.