tenexperttipsoninternetofthingssecurity-160302170210

download tenexperttipsoninternetofthingssecurity-160302170210

of 34

Transcript of tenexperttipsoninternetofthingssecurity-160302170210

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    1/34

    Ten Expert Tips onInternet of Things Security

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    2/34

    Over the last few years, Internet of Things (IoT)

    is all everyone has talked about. So it comes

    as no surprise, that 2016 has brought even

    more talk to the industry. More products will

    launch and headlines will continue to be filled

    on the subject.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    3/34

    However, as the industry continues to rise in

    popularity the more we hear about the serious

    security issues pertaining to IoT

    devices. I asked a few experts to

    share their tips on IoT security

    and how businesses can address

    this challenge.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    4/34

    Implement a

    BYOD policy.

    1

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    5/34

      Often, data breaches

    are the result of

    employees losing track

    of company-owned

    devices such as laptops,tablets and storage

    devices containing

    sensitive information.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    6/34

    This problem is exacerbated by employeesusing their own devices for work related tasks.

    In addition to impressing upon employees the

    need to keep track of their devices, businesses

    should encrypt their company-owned devicesusing a certified encryption methodology.

    - Krishna Narine, Business Litigation Lawyer

    Meredith & Narine, LLC

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    7/34

    It all starts with themanufacturers.

    2

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    8/34

      Achieving security restsless on the businesses

    that use IoT devices and

    more on the businesses

    that manufacture them.Manufacturers need to

    design security in from

    the beginning, both in

    software and hardware.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    9/34

    Ultimately, success in cyber security for IoT

    depends on designing in security from the

    beginning in the same way that we have

    achieved high reliability in areas like rail safety,

    aviation safety, food safety, security of iconicbuildings (i.e. designing buildings to withstand

    a blast), and so on.

    - Emilian Papadopoulos, President

    Good Harbor Security Risk Management

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    10/34

    Don’t be

    in a rush. 

    3

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    11/34

      Don't put all your

    eggs in one basket.

    Technology is

    awesome, and we truly

    are living in the future,but over-reliance on

    technology is a surefire

    recipe for disaster.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    12/34

    IoT presents a treasure trove of personal

    information, financial data, and other sensitiveinformation. Smart businesses and individuals

    will be careful to temper their excitement and

    desire to jump into this

    increasingly-interconnected world ofconvenience against their willingness to assume

    additional risk of attack or penetration.

    - Frank Spano, Executive DirectorThe Counterterrorism Institute

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    13/34

    Add on layers

    of security.

    4

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    14/34

      A VPN (Virtual Private

    Network) secures one's

    home or business

    network to allow traffic

    only from verifieddevices, or at least

    separates the unverified

    traffic out.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    15/34

    With the rise of the IOT, it is becoming easier and

    easier for malicious hackers to access verifiedinformation through these devices. While they’re

    marketed as being mostly secure, it only takes

    one error for someone to get access to your

    entire network. Using a VPN can totallyprevent this, adding a layer of redundancy that

    is so underrated in today’s world.

    - Bryce Hamlin,Public Relations CoordinatorHide.me

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    16/34

    Integrate security intoyour development

    lifecycle.

    5

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    17/34

      Companies that

    produce IoT devices

    need to ensure that

    they have a solidsoftware development

    lifecycle that is inclusive

    of security testing.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    18/34

    By ensuring security is baked into thedevelopment process from day one, the

    company can dramatically move the needle

    to help ensure the security of their devices,

    while also reducing waste within thedevelopment lifecycle.

    - Andrew Storms,Vice President, Security Services

    New Context

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    19/34

    Automationis key. 

    6

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    20/34

      Automation will be one of thekeys to increasing efficiency in

    enterprise SOCs. For instance, an

    automated incident response

    system can identify and resolve

    low-complexity, high-volume tasks

    with little to no human intervention,

    leaving expert security personnelwith more time to handle the more

    nuanced and complicated issues.

    That is critical, not only because

    more devices will create more tasks,

    but because attacks are growing

    increasingly sophisticated.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    21/34

    Additionally, if that same platform can centralize

    information from existing security tools, it

    streamlines operations by limiting the number

    of tools that analysts use to initially triage alerts.

    And, if the platform can capture processes for

    standardization and reuse, it further increases

    productivity by reducing duplicate work.

    - Cody Cornell,Founder and CEO

    Swimlane LLC

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    22/34

    Integration of cyberthreat intelligence.

    7

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    23/34

      The relevance of Cyber

    Threat Intelligence (CTI),

    as a part of a proactive

    information securityprogram, will become

    essential for

    information security.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    24/34

    It is critical for organizations to be able to identify

    evolving methods and emerging technology

    trends used by the cybercriminals, and then to

    continually assess their capability in this regard.

    Because many organizations don't have

    access to internal specialists, they will need to

    turn to external experts from the CTI sector.

    - Mark Coderre, National Security Practice Director

    OpenSky Corporation

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    25/34

    Security starts withproper training.

    8

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    26/34

      Enterprises need to

    approach IoT security

    bottoms up by re-training

    software developers:their own and their

    supply chain, ecosystem

    stakeholders.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    27/34

    To avoid IoT security being an afterthought,it is critical for the developers to start with a

    full system view of the IoT solution, not just

    their component alone, before they write

    the first line of code.

    - Prathap Dendi, General Manager

    Emerging Technologies, AppDynamics

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    28/34

    Stop the

    negligence.

    9

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    29/34

      The primary cause

    of security breaches

    in business remains

    employee negligenceor intent and not

    the malfeasance of

    hackers.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    30/34

    Education and training around policies and

    protocols for security is imperative to avoiding

    negligent behaviors, like weak and sharedpasswords or lackadaisical logouts, leading to

    issues. Having clear and complete understanding

    of possible vulnerabilities and limiting accessibility

    of control within software and hardware

    specifications and settings is of dire importance

    in limiting and avoiding intentional sabotage.

    - Felicite Moorman, CEOStratIS

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    31/34

    Oceans of

    the internet.

    10

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    32/34

      Asking how to

    theft-proof electronic

    information in the

    Internet of things is like

    asking how to protectyour ships against Pirates

    and Vikings during the

    11th and 12th century.

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    33/34

    We gained control of pirating the moment we

    gained control over the seas and oceans...Incomparison, we do not control the vast

    oceans of the Internet. We do not even have

    agreed-upon standards, nor even an

    understanding of all the harmful capabilities ofhackers on the web.... We are still at the stage

    of inventing technologies on the Internet.

    - Matti Kon, President & CEO

    InfoTech Solutions for Business

    Source

    https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/https://powermore.dell.com/technology/10-expert-tips-on-internet-of-things-security/

  • 8/17/2019 tenexperttipsoninternetofthingssecurity-160302170210

    34/34

    Interested in learning more about the

    future of IT? Check on this interactive

    on the future of cloud computing.

    Explore the future of cloud

    http://dell.to/1POjjX8http://dell.to/1POjjX8