A new bill, the Internet of Things Cybersecurity Improvement Act of 2017, has been proposed to improve the cybersecurity of the Internet of Things (IoT) in government.
IoT devices are potential entry points to wider IoT ecosystems, making security essential. The Secure Technology Alliance’s IoT Security Council recently published a white paper called “Embedded Hardware Security for IoT Applications,” which outlines how to use embedded hardware to secure IoT applications.
Embedded hardware security can help secure IoT devices. But because IoT ecosystems involve a multitude of IoT devices and have the potential to be complex, the process of securely onboarding, configuring, updating, and operating devices must be taken into account across device categories and industries.
As with all information systems, basic security principles are critical for IoT implementation. The Secure Technology Alliance IoT Security Council recently published a white paper called “Embedded Hardware Security for IoT Applications,” which provides basic security principles for securing IoT.
In 2016, the Internet of Things crossed the six billion mark, with healthcare, smart city, consumer electronics, industrial, payments and numerous other verticals developing services and products that rely on an IoT infrastructure. But where’s the protection plan for IoT? You can’t buy a warranty against security breaches.
Several years ago, bed bugs in the fanciest of New York City hotels put thousands of travelers on edge. Pest services made a lot of money, as did retailers who sold bedding products. Bugs are back, but instead of infecting mattresses and pillowcases, they’ve worked their way into devices that are part of the Internet of Things. Many of today’s Internet of Things (IoT) of those connected devices, from connected crock-pots to refrigerators, are riddled with security flaws, leaving them vulnerable to attacks, according to research by Scott Tenaglia and Joe Tanen from Invincea Labs in Virginia
A cascading string of distributed denial-of-service (DDoS) attacks—most recently taking down parts of hundreds of sites including Twitter, Netflix, Spotify, Airbnb, Reddit and The New York Times—has demonstrated record-breaking volumes that are overwhelming website defenses. The four-fold growth in attack size over the last year is being driven by hundreds of thousands of internet-connected devices hackers are adding to their botnets, according to industry sources.
The security and privacy of IoT-enabled devices is a popular topic amongst connected car manufacturers, smart home developers and connected wearables. But as seemingly harmless things like Barbie dolls, stuffed animals and toy droids become connected to the IoT (and they are), what measures are being taken to ensure the security and privacy of those devices, if any? And is security a concern for something so ordinary?
If you’re designing a connected device for the Internet of Things (IoT), there are six key IoT design mistakes to avoid, Gianfranco Bonanome writes on TechTarget’s IoT Agenda. Bonanome addresses points such as whether you should even connect your device, if your design is scalable, and most importantly, when to consider your security approach.
What do we need to do as an industry to secure IoT? Accenture’s latest brief, “Security Call to Action: Preparing for the Internet of Things,” says the most challenging aspects involve the IoT’s sheer expanse, and the diversity of industries and use cases it embraces. What does this mean for security? There is no one-size-fits-all solution.