SlideShare a Scribd company logo

Principals of IoT security

Download as PPTX, PDF
IoT613
IoT613

Presentation given by Stephanie Sabatini, Cyber Security Professional, at IoT613 on Friday, September 30, 2016.

Technology
1 of 15
Principals of IoT Security Stephanie Sabatini, Cyber Security Professional
Principals of IoT Security Agenda Over the next 20 minutes we’ll discuss the following: The Fear • Be afraid (very afraid) The Challenge • IoT Security isn’t easy The Solution • Don’t be a statistic
The Fear Principals of IoT Security
IoT Security – The Fear • Baby monitors • Thermostats • Cars • Medical devices • Children’s toys • Toasters • Locks • ETC…
IoT Security – The Fear Gartner predicts 26 billion by 2020 • Revenue exceeding $300 billion in 2020 • $1.9 Trillion in global economic impact The financially motivated attacker has 26 billion targets and 300 billion reasons.
The Challenge Principals of IoT Security
IoT Security – The Challenge The top 10 security challenges with IoT: 1. Insecure Web Interface 2. Insufficient Authentication / Authorization 3. Insecure Network Services 4. Encryption 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability 9. Insecure Software / Firmware 10. Poor Physical Security
IoT Security – The Challenge Many IoT producers aren’t committed to security like a major tech company would be. Toy companies, for example – Toys made by Mattel Inc. (Fisher Price brand) with internet connectivity have been hacked revealing names, ages and geographical location of children. They specialize in making toys – not security. These ‘things’ live differently than the traditional internet connected devices. Many attacks that we have seen so far take advantage of these differences. They exploit the differences. The challenge is applying security controls on non-traditional devices. The principal is the same, but the control itself needs to be adapted (or innovated) to fit the security gap. Network + Application + Mobile + Cloud = IoT
The Solution Principals of IoT Security
Perimeter Network Host Application Data IoT Security – The Solution Security by design and a defense in depth approach will consider security from the design phase to the end-of-life and destruction of information phase.
IoT Security – The Solution A holistic approach needs to be built in – not bolted on • The device (end point security) • The cloud • The mobile application • The network interfaces • Encryption • Authentication • Patching • Physical security • Data Destruction
IoT Security – The Solution Developers – build components securely using secure development methodologies and perform static code analysis. Infrastructure Support – build infrastructure with secure end points, detective and preventative controls. Testers – include all attack vectors in testing methodologies. Manufacturers – Due diligence! Check, test, audit – make sure that you are manufacturing a secure product by bringing experts to the table. Plan for sufficient budgets. Consumers – change passwords regularly, use encryption – use the technology safely.
The Conclusion Principals of IoT Security
IoT Security – The Conclusion • DO NOT TRY THIS AT HOME! • Experts! Call the experts! • Expert solutions can’t be matched by homegrown solutions. • DON’T PANIC • Defense in depth • Innovate!
Stephanie Sabatini Cyber Security Professional & Strategist Stephanie@sabatiniconsulting.com 514-895-8635

Recommended

Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...ClicTest
 
"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le...
"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le..."Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le...
"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le...Dataconomy Media
 
IoT security patterns
IoT security patterns IoT security patterns
IoT security patterns Exosite
 
IoT security
IoT securityIoT security
IoT securityYashKesharwani2
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITYThe Avi Sharma
 
TOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of ThingsTOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of ThingsChromeInfo Technologies
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTUniversity of Ontario Institute of Technology (UOIT)
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesDenim Group
 

Recommended

Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...ClicTest
 
"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le...
"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le..."Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le...
"Cybersecurity - Current Landscape and Future Challenges", Anish Mohammed, Le...Dataconomy Media
 
IoT security patterns
IoT security patterns IoT security patterns
IoT security patterns Exosite
 
IoT security
IoT securityIoT security
IoT securityYashKesharwani2
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITYThe Avi Sharma
 
TOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of ThingsTOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of ThingsChromeInfo Technologies
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTUniversity of Ontario Institute of Technology (UOIT)
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesDenim Group
 
IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist PriyaNemade
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security ElementsEurotech
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot deviceMayank Pandey
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of thingssreelekha appakondappagari
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of ThingsBryan Len
 
IOT Security
IOT SecurityIOT Security
IOT SecuritySylvain Martinez
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of thingsMonika Keerthi
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security ChallengesForest Interactive
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Ulf Mattsson
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsStanford School of Engineering
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
IoT/M2M Security
IoT/M2M SecurityIoT/M2M Security
IoT/M2M SecurityYu-Hsin Hung
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Ahmed Mohamed Mahmoud
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsKenny Huang Ph.D.
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT SystemsSecurity Innovation
 
Iot security amar prusty
Iot security amar prustyIot security amar prusty
Iot security amar prustyamarprusty
 
7 Strategies for Reducing IoT Cyber Risk
7 Strategies for Reducing IoT Cyber Risk 7 Strategies for Reducing IoT Cyber Risk
7 Strategies for Reducing IoT Cyber Risk Hector Del Castillo, CPM, CPMM
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCreekside Marketing Group, LLC
 

More Related Content

What's hot

IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist PriyaNemade
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security ElementsEurotech
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot deviceMayank Pandey
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of ThingsBryan Len
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of thingsMonika Keerthi
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Ulf Mattsson
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsStanford School of Engineering
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Ahmed Mohamed Mahmoud
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsKenny Huang Ph.D.
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT SystemsSecurity Innovation
 
Iot security amar prusty
Iot security amar prustyIot security amar prusty
Iot security amar prustyamarprusty
 

What's hot (20)

IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot device
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT Security
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of things
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
 
IoT/M2M Security
IoT/M2M SecurityIoT/M2M Security
IoT/M2M Security
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy Considerations
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT Systems
 
Iot security amar prusty
Iot security amar prustyIot security amar prusty
Iot security amar prusty
 

Viewers also liked

Protecting Our Cyber-Identity in a Physical and Virtual World for IoT Ecosystem
Protecting Our Cyber-Identity in a Physical and Virtual World for IoT EcosystemProtecting Our Cyber-Identity in a Physical and Virtual World for IoT Ecosystem
Protecting Our Cyber-Identity in a Physical and Virtual World for IoT EcosystemCA Technologies
 
Cyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsCyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsinLabFIB
 
IoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructuresIoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructuresUITSEC Teknoloji A.Ş.
 
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Capgemini
 
Scaling IoT Security
Scaling IoT SecurityScaling IoT Security
Scaling IoT SecurityBill Harpley
 
Owasp IoT top 10 + IoTGOAT Cyber Security Meeting Brazil 3rd 2015
Owasp IoT top 10 + IoTGOAT Cyber Security Meeting Brazil 3rd 2015Owasp IoT top 10 + IoTGOAT Cyber Security Meeting Brazil 3rd 2015
Owasp IoT top 10 + IoTGOAT Cyber Security Meeting Brazil 3rd 2015Mauro Risonho de Paula Assumpcao
 
[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber Security[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber SecurityOWASP EEE
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber SecurityJAZEEL K T
 
Cybersecurity Skills Audit
Cybersecurity Skills AuditCybersecurity Skills Audit
Cybersecurity Skills AuditVilius Benetis
 
A Year of Cloud First: Lessons Learned
A Year of Cloud First: Lessons LearnedA Year of Cloud First: Lessons Learned
A Year of Cloud First: Lessons LearnedMike Chapple
 
Overview of the 20 critical controls
Overview of the 20 critical controlsOverview of the 20 critical controls
Overview of the 20 critical controlsEnclaveSecurity
 
Network Infrastructure Validation Conference @UPRA (2003)
Network Infrastructure Validation Conference @UPRA (2003)Network Infrastructure Validation Conference @UPRA (2003)
Network Infrastructure Validation Conference @UPRA (2003)Raul Soto
 
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032PECB
 
Designing for IoT and Cyber-Physical System
Designing for IoT and Cyber-Physical SystemDesigning for IoT and Cyber-Physical System
Designing for IoT and Cyber-Physical SystemMaurizio Caporali
 

Viewers also liked (20)

7 Strategies for Reducing IoT Cyber Risk
7 Strategies for Reducing IoT Cyber Risk 7 Strategies for Reducing IoT Cyber Risk
7 Strategies for Reducing IoT Cyber Risk
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
 
Protecting Our Cyber-Identity in a Physical and Virtual World for IoT Ecosystem
Protecting Our Cyber-Identity in a Physical and Virtual World for IoT EcosystemProtecting Our Cyber-Identity in a Physical and Virtual World for IoT Ecosystem
Protecting Our Cyber-Identity in a Physical and Virtual World for IoT Ecosystem
 
Cyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutionsCyber Security - awareness, vulnerabilities and solutions
Cyber Security - awareness, vulnerabilities and solutions
 
IoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructuresIoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructures
 
Cyber services IoT Security
Cyber services IoT Security Cyber services IoT Security
Cyber services IoT Security
 
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
 
Scaling IoT Security
Scaling IoT SecurityScaling IoT Security
Scaling IoT Security
 
Owasp IoT top 10 + IoTGOAT Cyber Security Meeting Brazil 3rd 2015
Owasp IoT top 10 + IoTGOAT Cyber Security Meeting Brazil 3rd 2015Owasp IoT top 10 + IoTGOAT Cyber Security Meeting Brazil 3rd 2015
Owasp IoT top 10 + IoTGOAT Cyber Security Meeting Brazil 3rd 2015
 
[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber Security[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber Security
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber Security
 
Cybersecurity Skills Audit
Cybersecurity Skills AuditCybersecurity Skills Audit
Cybersecurity Skills Audit
 
A Year of Cloud First: Lessons Learned
A Year of Cloud First: Lessons LearnedA Year of Cloud First: Lessons Learned
A Year of Cloud First: Lessons Learned
 
Company Product Sheet
Company Product SheetCompany Product Sheet
Company Product Sheet
 
Deft
DeftDeft
Deft
 
Overview of the 20 critical controls
Overview of the 20 critical controlsOverview of the 20 critical controls
Overview of the 20 critical controls
 
Network Infrastructure Validation Conference @UPRA (2003)
Network Infrastructure Validation Conference @UPRA (2003)Network Infrastructure Validation Conference @UPRA (2003)
Network Infrastructure Validation Conference @UPRA (2003)
 
Ispe Article
Ispe ArticleIspe Article
Ispe Article
 
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
PECB Webinar: Cybersecurity Guidelines – Introduction to ISO 27032
 
Designing for IoT and Cyber-Physical System
Designing for IoT and Cyber-Physical SystemDesigning for IoT and Cyber-Physical System
Designing for IoT and Cyber-Physical System
 

Similar to Principals of IoT security

assignment help experts
assignment help expertsassignment help experts
assignment help experts#essaywriting
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
 
Security and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsSecurity and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsIRJET Journal
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxtjane3
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxlmelaine
 
Strengthening IoT Security Against Cyber Threats.pdf
Strengthening IoT Security Against Cyber Threats.pdfStrengthening IoT Security Against Cyber Threats.pdf
Strengthening IoT Security Against Cyber Threats.pdfSeasiaInfotech2
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report SummaryAccenture Technology
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythSecurity Innovation
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxvoversbyobersby
 
What are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxWhat are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxalanfhall8953
 
IoT Security Why Hiring Skilled Developers is Crucial for Protecting Your Dev...
IoT Security Why Hiring Skilled Developers is Crucial for Protecting Your Dev...IoT Security Why Hiring Skilled Developers is Crucial for Protecting Your Dev...
IoT Security Why Hiring Skilled Developers is Crucial for Protecting Your Dev...Dark Bears
 
IoT – Breaking Bad
IoT – Breaking BadIoT – Breaking Bad
IoT – Breaking BadNUS-ISS
 
[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT SuccessElectric Imp
 
IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...
IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...
IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...IRJET Journal
 
Can you trust your smart building
Can you trust your smart buildingCan you trust your smart building
Can you trust your smart buildingDuncan Purves
 
Introduction to IOT security
Introduction to IOT securityIntroduction to IOT security
Introduction to IOT securityPriyab Satoshi
 
The Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityThe Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityOnward Security
 
Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Vrince Vimal
 

Similar to Principals of IoT security (20)

assignment help experts
assignment help expertsassignment help experts
assignment help experts
 
sample assignment
sample assignmentsample assignment
sample assignment
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...
 
Security and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsSecurity and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of things
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
Strengthening IoT Security Against Cyber Threats.pdf
Strengthening IoT Security Against Cyber Threats.pdfStrengthening IoT Security Against Cyber Threats.pdf
Strengthening IoT Security Against Cyber Threats.pdf
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report Summary
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
What are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docxWhat are the Challenges of IoT SecurityIoT has many of the same s.docx
What are the Challenges of IoT SecurityIoT has many of the same s.docx
 
IoT Security Why Hiring Skilled Developers is Crucial for Protecting Your Dev...
IoT Security Why Hiring Skilled Developers is Crucial for Protecting Your Dev...IoT Security Why Hiring Skilled Developers is Crucial for Protecting Your Dev...
IoT Security Why Hiring Skilled Developers is Crucial for Protecting Your Dev...
 
IoT – Breaking Bad
IoT – Breaking BadIoT – Breaking Bad
IoT – Breaking Bad
 
[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success
 
IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...
IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...
IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...
 
Can you trust your smart building
Can you trust your smart buildingCan you trust your smart building
Can you trust your smart building
 
Introduction to IOT security
Introduction to IOT securityIntroduction to IOT security
Introduction to IOT security
 
The Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityThe Present and Future of IoT Cybersecurity
The Present and Future of IoT Cybersecurity
 
Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Security Requirements in IoT Architecture
Security Requirements in IoT Architecture
 
VIISA Investment Day #4 - SecurityBox
VIISA Investment Day #4 - SecurityBoxVIISA Investment Day #4 - SecurityBox
VIISA Investment Day #4 - SecurityBox
 

More from IoT613

Smart City Next Steps
Smart City Next StepsSmart City Next Steps
Smart City Next StepsIoT613
 
Funding basics - From Boots to Wings
Funding basics - From Boots to WingsFunding basics - From Boots to Wings
Funding basics - From Boots to WingsIoT613
 
Autonomous Vehicles
Autonomous VehiclesAutonomous Vehicles
Autonomous VehiclesIoT613
 
Open source IoT
Open source IoTOpen source IoT
Open source IoTIoT613
 
Safety reliability and security lessons from defense for IoT
Safety reliability and security lessons from defense for IoTSafety reliability and security lessons from defense for IoT
Safety reliability and security lessons from defense for IoTIoT613
 
IoT planning for success
IoT planning for successIoT planning for success
IoT planning for successIoT613
 
What is the Natural Business Model for the Internet of Things - Blair Currie ...
What is the Natural Business Model for the Internet of Things - Blair Currie ...What is the Natural Business Model for the Internet of Things - Blair Currie ...
What is the Natural Business Model for the Internet of Things - Blair Currie ...IoT613
 
Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)
Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)
Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)IoT613
 
Meaningful Interactions in a Tech Laden World - Anthony Scavarelli (Luminarti...
Meaningful Interactions in a Tech Laden World - Anthony Scavarelli (Luminarti...Meaningful Interactions in a Tech Laden World - Anthony Scavarelli (Luminarti...
Meaningful Interactions in a Tech Laden World - Anthony Scavarelli (Luminarti...IoT613
 

More from IoT613 (9)

Smart City Next Steps
Smart City Next StepsSmart City Next Steps
Smart City Next Steps
 
Funding basics - From Boots to Wings
Funding basics - From Boots to WingsFunding basics - From Boots to Wings
Funding basics - From Boots to Wings
 
Autonomous Vehicles
Autonomous VehiclesAutonomous Vehicles
Autonomous Vehicles
 
Open source IoT
Open source IoTOpen source IoT
Open source IoT
 
Safety reliability and security lessons from defense for IoT
Safety reliability and security lessons from defense for IoTSafety reliability and security lessons from defense for IoT
Safety reliability and security lessons from defense for IoT
 
IoT planning for success
IoT planning for successIoT planning for success
IoT planning for success
 
What is the Natural Business Model for the Internet of Things - Blair Currie ...
What is the Natural Business Model for the Internet of Things - Blair Currie ...What is the Natural Business Model for the Internet of Things - Blair Currie ...
What is the Natural Business Model for the Internet of Things - Blair Currie ...
 
Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)
Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)
Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)
 
Meaningful Interactions in a Tech Laden World - Anthony Scavarelli (Luminarti...
Meaningful Interactions in a Tech Laden World - Anthony Scavarelli (Luminarti...Meaningful Interactions in a Tech Laden World - Anthony Scavarelli (Luminarti...
Meaningful Interactions in a Tech Laden World - Anthony Scavarelli (Luminarti...
 

Recently uploaded

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Recently uploaded (20)

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Principals of IoT security

  • 1. Principals of IoT Security Stephanie Sabatini, Cyber Security Professional
  • 2. Principals of IoT Security Agenda Over the next 20 minutes we’ll discuss the following: The Fear • Be afraid (very afraid) The Challenge • IoT Security isn’t easy The Solution • Don’t be a statistic
  • 3. The Fear Principals of IoT Security
  • 4. IoT Security – The Fear • Baby monitors • Thermostats • Cars • Medical devices • Children’s toys • Toasters • Locks • ETC…
  • 5. IoT Security – The Fear Gartner predicts 26 billion by 2020 • Revenue exceeding $300 billion in 2020 • $1.9 Trillion in global economic impact The financially motivated attacker has 26 billion targets and 300 billion reasons.
  • 7. IoT Security – The Challenge The top 10 security challenges with IoT: 1. Insecure Web Interface 2. Insufficient Authentication / Authorization 3. Insecure Network Services 4. Encryption 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability 9. Insecure Software / Firmware 10. Poor Physical Security
  • 8. IoT Security – The Challenge Many IoT producers aren’t committed to security like a major tech company would be. Toy companies, for example – Toys made by Mattel Inc. (Fisher Price brand) with internet connectivity have been hacked revealing names, ages and geographical location of children. They specialize in making toys – not security. These ‘things’ live differently than the traditional internet connected devices. Many attacks that we have seen so far take advantage of these differences. They exploit the differences. The challenge is applying security controls on non-traditional devices. The principal is the same, but the control itself needs to be adapted (or innovated) to fit the security gap. Network + Application + Mobile + Cloud = IoT
  • 10. Perimeter Network Host Application Data IoT Security – The Solution Security by design and a defense in depth approach will consider security from the design phase to the end-of-life and destruction of information phase.
  • 11. IoT Security – The Solution A holistic approach needs to be built in – not bolted on • The device (end point security) • The cloud • The mobile application • The network interfaces • Encryption • Authentication • Patching • Physical security • Data Destruction
  • 12. IoT Security – The Solution Developers – build components securely using secure development methodologies and perform static code analysis. Infrastructure Support – build infrastructure with secure end points, detective and preventative controls. Testers – include all attack vectors in testing methodologies. Manufacturers – Due diligence! Check, test, audit – make sure that you are manufacturing a secure product by bringing experts to the table. Plan for sufficient budgets. Consumers – change passwords regularly, use encryption – use the technology safely.
  • 14. IoT Security – The Conclusion • DO NOT TRY THIS AT HOME! • Experts! Call the experts! • Expert solutions can’t be matched by homegrown solutions. • DON’T PANIC • Defense in depth • Innovate!
  • 15. Stephanie Sabatini Cyber Security Professional & Strategist Stephanie@sabatiniconsulting.com 514-895-8635

Editor's Notes

  1. IoT devices are often sold or transferred during their lifespan, they are connected for longer periods of time, they do not follow a traditional 1 to 1 model of users to applications