Skip to main content

What Securing the Internet of Things Means for CISOs

Summary
The Internet of Things redefines security by expanding the scope of responsibility into new platforms, services and directions. CISOs should focus existing security resources on specific use cases to identify new patterns for Internet of Things security solutions.
Table of Contents
·         Analysis
·         Impacts and Recommendations
o    The power of an IoT object to change the state of environments — in addition to generating information — will cause CISOs to redefine the scope of their security efforts beyond present responsibilities
o    Most IoT devices and services may be Nexus of Forces-based, but CISOs will be dealing simultaneously with all past eras of technology to secure the necessary scale and complexity that an IoT world demands
o    IoT security needs will be driven by specific business uses cases that are resistant to categorization, compelling CISOs to prioritize security implementations of IoT scenarios by tactical risk

o    The requirements for securing the IoT will be complex, forcing CISOs to use a blend of approaches from mobile and cloud architectures, combined with industrial control, automation and physical security

Comments

Post a Comment

Popular posts from this blog

LinuxGuruz Netfilter IPTABLES Firewall Page

The Netfilter Project Homepage http://www.netfilter.org Source Code Userspace code (tar.bz2) http://www.netfilter.org/files/iptables-1.3.0.tar.bz2 FAQ Netfilter/Iptables FAQ http://netfilter.samba.org/documentation/FAQ/netfilter-faq.html Firewall Forensics (What am I seeing?) FAQ http://www.robertgraham.com/pubs/firewall-seen.html Network Intrusion Detection Systems - IDS http://www.robertgraham.com/pubs/network-intrusion-detection.html Sniffing (network wiretap, sniffer) FAQ http://www.robertgraham.com/pubs/sniffing-faq.html Linux IP Masquerade FAQ http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO/ Firewall Admins Guide to Porn FAQ http://www.robertgraham.com/pubs/firewall-pr0n.html Hacking Lexicon - hacking dictionary http://www.robertgraham.com/pubs/hacking-dict.html Submit a FAQ Link or URL http://www.linuxguruz.com/iptables/#links Scripts Home LAN masquerading http://the-devil.dnsalias.net/home/extremist_MASQ Home LAN ip6t...
Post a Comment
Read more

How to Address the Patching Paradox

Analyze your vulnerability response capabilities.  Assess vulnerability detection and patching capabilities to identify vulnerability response issues. Tackle low-hanging fruit first.  Prioritize minor vulnerability response problems and build a comprehensive vulnerability response strategy over time. Eliminate barriers between security and IT teams.  Combine vulnerability and IT configuration data into a single platform to drive collaboration between security and IT teams. Create end-to-end vulnerability response processes.  Develop vulnerability response processes and ensure that security and IT teams have a shared view of these processes. Retain security talent.  Remove internal barriers, optimize day-to-day processes and automate mundane work; by doing so, an organization can create a positive environment for security teams, increase employee satisfaction and boost the likelihood of retaining top security talent. Manual vulnerability response process...
Post a Comment
Read more

mobile application Security Testing

Apps that enterprises develop themselves (or have developed by outsourcers) must be tested, to ensure they’re not leaking customer data or opening the enterprise to attack It’s cheaper and faster to test apps pre-production than it is after deployment Automated testing of mobile software is faster and more effective than manual testing Mobile applications interact with back-end web servers and services that also need to be tested That’s where AppScan® comes in What customers struggle with: Deploying secure mobile applications – both iOS and Android Static testing of mobile applications for security exposures, prior to deployment Inability to assess security of mobile applications developed by outsourcers Finding resources to test application code Understanding security risks of the mobile application environment Bringing together mobile application testing results with back-end web application and services resu...
Post a Comment
Read more