Internet of Things Security – are you failing to prepare?


By Ian Kilpatrick, Executive Vice-President Cyber Security at Nuvias Group

Flickering lightbulbs, scary Barbie dolls, infected computer networks and cities out of action. Could this be the brave new world of the Internet of Things (IoT), if we neglect IoT security? Ian Kilpatrick, EVP Cyber Security for Nuvias Group, discusses the unstoppable growth of IoT and the necessity for organisations to take appropriate measures to protect their computer networks.

Ian Kilpatrick
Ian Kilpatrick
For several years, the IT industry has enthusiastically extolled the virtues of the Internet of Things (IoT), eager to enlighten us to the difference that living in a connected world will make to all our lives.

Now the IoT is here – in our homes and in the workplace. Its uses range widely, from domestic time-savers like switching on the heating, to surveillance systems, to “intelligent” light bulbs, to the smart office dream.

This proliferation of devices and objects collect and share huge amounts of data. However proliferation also has the potential to create greater opportunities for vulnerabilities. Moreover, because these devices are connected to one another, if one device is compromised, a hacker has the potential opportunity to connect to multiple other devices on the network.

Indeed, there have been a number of high-profile cases where everyday items have been used to force websites offline. Recently, hackers harnessed the weak security of internet-connected devices, like DVRs and cameras, using botnets implanted on the devices, to take down sites such as Amazon, Netflix, Twitter, Spotify, Airbnb and PayPal. More recently, security vulnerabilities in the new, Wi-Fi enabled Barbie doll were discovered, turning it into a surveillance device by joining the connected home network!

Elsewhere, researchers said they had developed a worm that could potentially travel through ‘smart’ connected lightbulbs city-wide, causing the web-connected bulbs to flick on and off.

These are just a few examples of the security failures in devices for the IOT. Unfortunately, they are not the exception. Manufacturers are rushing to make their devices internet-connected but, in many cases, with no thought (or indeed knowledge) around security.

The next step on IoT’s journey is connected or smart cities, where the consequences of an attack are enormous. It’s not just one lightbulb – a hacker can potentially plunge an entire city into darkness, or disable surveillance systems, causing chaos.

With IoT devices now moving into the workplace, organisations are increasingly vulnerable to attack. A survey by analyst group 451 Research predicts that enterprises will increase their IoT investment 33 percent over the next 12 months, but that security remains a concern with half of respondents citing it as the top impediment to IoT deployments.

Nevertheless, it says that organisations are forging ahead with IoT initiatives and opening their wallets to support IoT deployments.

There’s no turning back the tide of any of these IoT applications – and in fact we shouldn’t try to halt progress. However, checking the security capabilities before deployment isn’t a bad strategy. Especially as it is important to ensure that the advance of IoT isn’t providing hackers and criminals with another entry point for attack.

Securing the IoT
The IoT challenge is backfilling security onto IoT devices. Because these devices are not running on standard operating systems, they are often invisible to a large part of an organisation’s defences. And if a device is compromised, and you end up with malware within your organisation, you must firstly spot the breach, and then find out where it’s coming from – not an easy task.

Cleaning the device won’t necessarily fix the problem, as you will have a compromised IoT device within your security perimeter, which will just continue to re-infect other devices.

There are many different types of solutions available. Kaspersky Labs, for example, has Kaspersky OS, a secure environment for the IoT. Other suppliers, including Tenable Networks and Check Point, also provide solutions that are relevant here.

A key action for organisations is to pay close attention to the network settings for IoT devices and, where possible, separate them from access to the internet and to other devices.

Also IoT devices should be identified and managed alongside regular IT asset inventories; and basic security measures like changing default credentials and rotating strong Wi-Fi network passwords should be used.

As much as IoT manufacturers need to embed adequate levels of security into their devices, the ultimate responsibility for ensuring an organisation is secure is with the user. This is particularly true as Chief Information Security Officers (CISOs) are under more pressure than ever to maintain the integrity of their organisations, in the face of increasing legislation such as the General Data Protection Regulation (GDPR), which carries potentially crippling fines for data breaches.

Ultimately, IoT is here, and it isn’t secure. It won’t be secure until IoT device manufacturers make it secure, which will be many years in the future. In the meantime, it’s down to organisations to make sure they are protected. User education should be a key element in defence around IoT deployment, partly because of the increased risks of shadow deployment in the workplace with IoT devices.

Business leaders need to ask their IT department or CISO for a strategic plan to deal with IoT vulnerabilities, rather than burying their head in the sand. As the saying goes, a failure to plan is planning to fail.


Bio of author
Ian Kilpatrick, EVP (Executive Vice-President) Cyber Security for Nuvias Group

A leading and influential figure in the IT channel, Ian now heads up the Nuvias Cyber Security Practice. He has overall responsibility for cyber security strategy, as well as being a Nuvias board member. Ian brings many years of channel experience, particularly in security, to Nuvias. He was a founder member of the award-winning Wick Hill Group in the 1970s and thanks to his enthusiasm, motivational abilities and drive, led the company through its successful growth and development, to become a leading, international, value-added distributor, focused on security. Wick Hill was acquired by Nuvias in July 2015.

Ian is a thought leader, with a strong vision of the future in IT, focussing on business needs and benefits, rather than just technology. He is a much published author and a regular speaker at IT events. Before Wick Hill, Ian qualified as an accountant, was financial controller for a Fortune 50 company, and was a partner in a management consultancy.

About Nuvias Group
Nuvias Group is the pan-EMEA, high value distribution business, which is redefining international, specialist distribution in IT. The company has created a platform to deliver a consistent, high value, service-led and solution-rich proposition across EMEA. This allows partner and vendor communities to provide exceptional business support to customers and enables new standards of channel success.

The Group today consists of Wick Hill, an award-winning, value-added distributor with a strong specialisation in security; Zycko, an award-winning, specialist EMEA distributor, with a focus on advanced networking; and SIPHON Networks, an award-wining UC solutions and technology enabler for the channel. All three companies have proven experience at providing innovative technology solutions from world-class vendors, and delivering market growth for vendor partners and customers. The Group has 21 regional offices across EMEA, as well as serving additional countries through those offices. Turnover is in excess of US$ 350 million.

Have any Question or Comment?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

::::::::::::::::::::::::::::::::::6733:::::::::::::::::::::::::::::::::;;

:::::::::::::::::::::::::::::925:::::::::::::::::::::::::::::::

TRIO STEEL IS ONE OF THE MOST TRUSTED BRAND AND LEADING EXPORTER AND SUPPLIER OF CARBON STEEL, ALLOY STEEL & STAINLESS STEEL PIPES & PIPE FITTINGS MATERIAL. Triosteel is one of the leading Suppliers and Exporters of API 5L Pipe in Singapore. Triosteel also Exports to many countries like Indonesia, Iran, Saudi Arabia & many more. An API 5L pipe is manufactured by adhering to the specifications laid down by the International Organization for Standardization (ISO) 3183.

2780

buy! buy! CHEAP! Telefonie VoIP CHEAP! buy! buy! CHEAP!

2781

buy! buy! CHEAP! Telefonie VoIP CHEAP! buy! buy! CHEAP!

——————————————–

For the 2012 MLB period, we found an totals forecast Joao’s Renowned Over/Under João Zorro Gonçalves, Zcode Totals Pro, System of the time with progressions that have been successful over 98 98% ... We eventually perfected our over/under program ( Zcodesystemexclusive ), although it h-AS has brought years of investigation. Five Steps to Making a Winning MLB Method: 1. Execute appropriate cash management tools. 2. MLB rules that are comprehend. 3.Extensive testing back to make sure successful longterm results ...

——————————————–

There is always a challenge when you're dealing with the Foreign Exchange Market. That's just the nature of the beast. The best thing you can do is to learn about how the market operates as a whole so that you will be ready to meet these challenges. iq option penipu Never be misled by any profit gains in binary options. This is the number-one way traders end up losing their money and ultimately failing. Remember that the same things that make you laugh can make you cry in this market, and you can lose that $700.

——————————————–

Learning Polish has never been this fun and easy as with our podcasts Learn Polish with Polishpod101 Start today and become conversational in Polish in no time

——————————————–

The Best Website Agen Poker Resmi www.sakupoker.com Terpercaya come join

——————————————–

Do you need edmonton phone systems service ? Call complete communications today!

——————————————–

High-tech solutions for easy start-up of your IPTV/OTT-business

——————————————–

——————————————–

If you want to purchase not only one item, you have a chance to enjoy privileges. There is a sale’ tab on the site which offers a fantastic range of reduced counterfeit watches and accessories, such as sunglasses, cufflinks, watch straps and pens. Luxury Jewelry Replica At MCA.MN On Sale You get a 5% discount if you buy two pieces, this discount increases to 10% if you buy 4 pieces or more. There is free international shipping on all orders on this site. We also offer customers a free return anytime with a 100% money back guarantee.

——————————————–