- Whenever you have new technologies such as the internet of things, you open a new avenue of attack, says Haiyan Song of Splunk, a cybersecurity analytics company.
- Cyber-attacks from nation states are worrisome because determining attribution is difficult.
- Song spoke at CNBC's East Tech West conference in China.
The "Internet of Things" has created all sorts of problems on the cybersecurity front — and the problem may get worse soon.
The Internet of Things, commonly called IoT in tech circles, is the concept of conventional, physical objects being linked to the internet and communicating with each other — think, for instance, of automobiles or appliances that are linked to the internet.
But just like computers that are connected to the internet, those networked devices can be hacked.
"Next year, we will definitely hear of even more IoT-related security challenges," said Haiyan Song, general manager of Security Markets for U.S.-based Splunk, a software maker that helps clients analyze cyber-threats.
"IOT has really changed ... the way we live, and whenever you have new technologies like that ... you open up a new attack surface," Song told CNBC's Arjun Kharpal.
Voted one of the 50 most powerful women in Tech by the National Diversity Council, Song is considered a leading thinker in the U.S. cyber security industry. She was speaking at CNBC's East Tech West conference in the Nansha district of Guangzhou, China.
A separate problem cited by Song is the difficulty of identifying the source of cyberattacks when they come from nation states that target business and government systems.
"Attribution is difficult because there are so many technologies used to try and disguise where the threat is coming from," said Song, who added that "people may want you to think it's coming from other places."
Nasdaq-listed Splunk is a major player in the market for real-time security data and analysis. That industry is expected to grow to $6.75 billion in revenue by 2023, according to a report by ResearchAndMarkets.com.
Since Splunk went public in 2012, it has shown annual revenue growth of 51 percent, and has acquired other businesses including Phantom Cybersecurity for about $350 million.