Weitere Àhnliche Inhalte
Ăhnlich wie Ben goodman cybersecurity in the iiot (20)
KĂŒrzlich hochgeladen (20)
Ben goodman cybersecurity in the iiot
- 2. © 2016 ForgeRock. All rights reserved.
Industry 4.0
By ChristophRoser at AllAboutLean.com, own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=47640595
- 4. © 2016 ForgeRock. All rights reserved.
Internet of Things Top Concerns
Security & Privacy Concerns
Value Assessment, Case Studies &
Organizational Consensus
Lack of Solution Knowledge
Legacy Infrastructure, Lack of Skills,
Integration & Costs
Lack of Standards & Interoperability
1
2
3
4
5
Source: IoT Institute, 2016 IoT Trends
Survey
- 5. © 2016 ForgeRock. All rights reserved.
Connected Car Hacked
Charlie Miller
Chris Valasek
Kill Engine
Brake /
Disable
July 2015
Track / Steer
Jeep
Cherokee
- 6. © 2016 ForgeRock. All rights reserved. 6
Connected Health Hacked
Jack Barnaby
Medtronic Insulin Pump
Adjust /
Disable
February
2012
- 7. © 2016 ForgeRock. All rights reserved.
Internet of Things Other Hacks
HackedConnected Home
Connected Industry Hacked
Smart Livestock Unsure
- 8. © 2016 ForgeRock. All rights reserved.
Why is it that these connected devices are
being hacked over and over again?
The list below, while not exhaustive, explains some of the
reasons why these new connected devices are so easy to hack
and why weâre likely to see more hacks in the future.
âą MVP mindset
âą Usability > security
âą Lack of skills and resources
âą Ship and forget mindset
âą You (the user)
âą Complex supply chain
âą Cybercrime as a service
- 10. © 2016 ForgeRock. All rights reserved.
Identity Access Management Identity Relationship Management
Customers
(millions)
On-premises
People
Applications
and data
PCs
Endpoints
Workforce
(thousands)
Partners and
Suppliers
Customers
(millions)
On-premises Public
Cloud
Privat
e
Cloud
People
Things
(Tens of
millions)
Applications
and data
PCs PhonesTablet
s
Smart
Watches
Endpoints
Business Has Changed: Enterprises now require Identity
Relationship Management (IRM)
- 11. © 2016 ForgeRock. All rights reserved.
Perimeter-Based Security Identity-Centric Security
Enables Digital
Business
Untrusted
Truste
d
Inhibits Digital
Business
Old Security Model is Broken. Security Must Now Be
Identity-Based, and implemented by design.
- 12. © 2016 ForgeRock. All rights reserved.
IAM in the age of the digital
business is more typically
characterized by a web of
paths involving a variety of
application locations,
endpoint devices, and things.
Workforce
(thousands)
Partners and
Suppliers
Customers
(millions)
On-premises Public
Cloud
Private
Cloud
People
Things
(Tens of
millions)
Applications
and data
PCs PhonesTablet
s
Smart
Watches
Endpoints
Next Generation IAM
- 13. © 2016 ForgeRock. All rights reserved.
Why IoT Needs Identity
âąAn object must be identified in order to be secured
âąUnified identities of applications, cloud services, software code and connected
devices
âąIoT authorization decisions requires real-time processing of
âąComplex relationships
âąContext
âąUser digital interactions must be constantly monitored.
âąIn addition to using contextual cues to evaluate customer behavior,
âąuser identity and access rights can be verified through multi-factor authentication
- 15. © 2016 ForgeRock. All rights reserved.
End-to-end IoT Identity Platform
BIG
DATA
Little Data
End-to-End Security, Web, Data Objects & Management
IP and Web to the
edge
Solutions
Edge
Identity Platform
âą Consumers
âą Customers
âą Partners
âą Contractors
âą Employees
âą âŠ
FROM DEVICE TO
CLOUD IoT Services Enterprise