August 08, 2014
SN blogs: This week, analysts discuss the identity of everything as related to Internet of Things, concerns about cloud security and why SDN needs a solid business case to evolve successfully.
IDoT Get Started
Bring yourself up to speed with our introductory content
Evaluate IDoT Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
With more employees bringing their own devices and network-connected objects -- such as keycard controls and energy monitoring systems -- the digital footprint of the internet of things is only increasing. Yet the security industry is starting to develop an identity of things strategy.
Manufacturing, healthcare and critical-infrastructure companies have long dealt with the identity of things. Supervisory control and data acquisition engineers may be able to teach CIOs and CISOs the best way to handle device identity management. Determining which devices should access a network is a daunting task, however, because device identity management can be context dependent. Some, such as mobile phones, should be linked to users; others, such as radio frequency ID tags on cargo containers, should be linked to physical objects; and still others, such as an MRI machine or a centrifuge, need to be treated as a critical asset. To deal with the influx of devices and the identity of things, companies need to address discovery, asset identification and provisioning.
As the U.S. presidential election nears, we caught up with Nathaniel Gleicher, the former director of cybersecurity policy at the National Security Council in the White House. Gleicher, who is currently the head of Illumio's cybersecurity strategy, spoke with Information Security magazine about the Shadow Brokers' cyberweapons dump, the importance of having visibility into networks that need to be protected and the challenges of the vulnerabilities equities process.Continue Reading
Learn to apply best practices and optimize your operations.
Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second issue head on.
In three feature stories, our experts examine the key aspects closely related to IoT security: device discovery, IoT identity and IoT security testing. It's basic to security that, to devise a proper security strategy, a security team must possess an accurate record of what exactly needs to be secured. The challenge when it comes to security for IoT is in cataloging, assessing and classifying devices that can number into the thousands and are often located outside an enterprise's physical boundaries. Certain industries, such as healthcare, are well into tackling this challenge. But increasingly more companies of all sizes will have to give the issue careful attention. Discovery involves identity issues, another focus of this edition, and once a security team has refined their IoT security policy, the next logical step is to implement a process of IoT security testing.
Readers of this Insider Edition will come away with a deeper understanding of how to approach security for IoT, from how to create a compilation of what needs to be secured to how to set up a successful security testing process. When it comes to internet of things security, the threat of breaches may never be fully eliminated, but the odds that enterprises will thwart attacks can be improved through proper policy and security systems.Continue Reading
Companies in certain industries -- manufacturing, healthcare and critical infrastructure -- are already dealing with securing the internet of things; others will have to start. Continue Reading
Problem Solve IDoT Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
When you connect manufacturing machinery to the internet, you've created a potential gateway for hackers. Here's a look at the risks you might be facing. Continue Reading