IC Realtime CTO Andrew Nassar contributed expert commentary on smart-home security risks, including vulnerable connected devices, weak network practices, and privacy pitfalls in data-sharing defaults.
Smart home security systems now cover more than burglary deterrence—they can automate lights, monitor environmental hazards, and send real-time alerts that shape how households manage safety day to day.
That convenience also expands the attack surface. The AAA report identifies the Wi-Fi or cellular network as a common weak link, since cameras, doorbells, and other devices often rely on the same home connectivity as laptops and phones.
Nassar’s contribution focused on the risks posed by the sheer number of connected endpoints, noting that some devices are “poorly engineered” and may ship with exposed services that create opportunities for exploitation.
The piece highlights basic security hygiene as a practical defense: replacing default passwords, enabling automatic firmware updates, upgrading to WPA2/WPA3 encryption, and using multi-factor authentication where available.
It also flags device selection as part of security planning. Lesser-known or off-brand products may be less rigorously secured, while widely adopted smart-home standards can offer more predictable interoperability and support expectations.
Beyond hacking, the report emphasizes privacy as a parallel risk. Connected security products can collect extensive user data, and recordings may be stored in the cloud for long periods—raising concerns about how household routines and visitor data could be accessed or reused.
Nassar warned that some consumer security products share video and data, and that sharing can be enabled by default—requiring users to opt out if they do not want their footage shared.
The practical mitigation steps outlined include opting out of sharing where possible, regularly deleting stored files, reviewing manufacturer privacy policies, and avoiding platforms that are not transparent about retention and access.