Securing IoT requires a shift to a security fabric
One of the key takeaways I had coming out of RSA 2020 is that security must shift away from the traditional point product approach to a fabric architecture. At the event, I interviewed a CISO that had a strong opinion that “the current approach with security is not working, has not worked and will not…
In 2020, IoT Security Must Be Part of Your Threat Management Strategy
Internet-enabled devices are emerging more and more in business and personal environments. Often going unnoticed, they simply appear within network infrastructures, using wired or wireless connections and expanding the enterprise attack surface. In fact, enterprises nowadays likely have more internet of things (IoT) devices on their networks than traditional endpoints — according to Armis, by…
Consumers care deeply about their privacy, security, and how their personal information is handled
65% of consumers are concerned with the way connected devices collect data. More than half (55%) do not trust their connected devices to protect their privacy and a similar proportion (53%) do not trust connected devices to handle their information responsibly, according to a survey by IPSOS Mori on behalf of the Internet Society and…
The Cybercrime Landscape Is Evolving — Will Your Mobile Threat Defense Strategy Keep Up?
As the workforce becomes increasingly mobile, organizations must adapt their security strategies to account for the enlarged threat surface. While mobility undeniably helps organizations boost productivity, it also creates considerable weaknesses in the IT environment. How can companies strike a balance between giving employees the 24/7 access they need to perform their jobs and protecting…
Is My Fitness Band Protected? An Exercise in IoT Security
I recently bought a fitness band to track my daily workouts and quickly got hooked. The invaluable insights it provided through data analysis, coupled with the constant reminders it pushed out to help me achieve my fitness goals, got me thinking about how the Internet of Things (IoT) is transforming our way of life and shaping our…
Internet-Connected Toys: Cute, Cuddly and Inherently Insecure
After the FBI issued a warning on internet-connected toys in July, researchers began digging into these devices to assess their functions as they relate to cybersecurity. But before describing what one of these toys can do, it might be helpful to explain how they work at a very high level. The first component of an…
Are companies doing enough on the IoT security front?
We continue to hear dire warnings about the inherent security risks of the Internet of Things (IoT), and indeed IoT-related incidents are happening. With many companies beginning to capture IoT data from connected devices, a key question is are they doing enough to ensure that data and networks are secure? If security executives thought they…
Is Bluetooth Security Good Enough for Your Most Sensitive Corporate Communications?
Most users take Bluetooth security for granted. When you’re enjoying the convenience of hands-free phone conversations, streaming podcasts in your car or jogging with your awesome new wireless headphones, do you need to worry about whether the communication channel is secure or not? What’s acceptable for consumers may not meet corporate standards. With a new…
Secure Your IoT Deployment by Paying Attention to These Four Factors
Once seen as just a utility to monitor and control a variety of devices, the Internet of Things (IoT) has become a reality. Devices available for IoT deployment range from household products like thermostats and garage door openers to units that control manufacturing systems and robotic devices. Unfortunately, many of these systems were designed without…
Mirai Evolving: New Attack Reveals Use of Port 7547
When the source code for the Mirai botnet was made public in late September, a top concern was that bad actors might modify the code to increase the number of Internet of Things (IoT) devices they can compromise. It seems these fears have been realized. A few weeks ago, Reverse Engineering Blog disclosed a vulnerability…