IoT at CES: “Cool” but Not Secure


During CES last week, you were likely inundated with announcements and demos of the hottest new internet-connected products. But as Lindsey O’Donnell points out in a recent article on ThreatPost, one thing you didn’t see was how to secure those devices. “For infosec experts specializing in connected devices, unfortunately the missing security piece is nothing new at the show,” according to O’Donnell.


While the Jeep auto-hack in 2015 and the Mirai botnet attack in 2016 may feel like distant memories, the threat is still very real. Thousands of manufacturers, developers and suppliers attended CES, but with no conversation around security, it’s clear little is being done to prevent such an attack in the future.

With the number of internet-connected devices expected to outnumber people 6 to 1 by next year, the need for security is more urgent than ever. In the article, O’Donnell suggests that even the simplest tasks, like not using hard-coded default passwords and more penetration testing, are good first-steps. For the highest level of security, the Secure Technology Alliance also recommends building hardware-based security into the device at manufacturing.

Want to help shift the focus? The Secure Technology Alliance is raising industry awareness that security needs to be moved to the forefront in IoT. Learn more about the Alliance’s work in this space and how to get involved here.

Read the full ThreatPost article by O’Donnell here.