Dan York: Security issues will not slow down deployment of IoT in the near future
|
|
- Cuthbert Kelley
- 8 years ago
- Views:
Transcription
1 Dan York: Security issues will not slow down deployment of IoT in the near future Dan York, Senior Content Strategist at the Internet Society, Chairman of the global Voice Over IP Security Alliance (VOIPSA). Focuses on the Deploy360 Programme creating, curating and promoting online content that helps service providers, companies and individuals more quickly deploy Internet technologies such as IPv6 and DNSSEC The rapid development of the Internet of Things (IoT) changes the world and life style we are used to, blurring the boundaries between online and offline activities. New conveniences come in with new hard security-related questions affecting more and more internet-connected devices, and data they generate, and networks to transport that data, etc. In October 2015, the Internet Society (ISOC) released a report The Internet of Things (IoT): An Overview which covers some of the threats and challenges caused by the global development and deployment of IoT technologies. CyberPulse spoke to Dan York, Senior Content Strategist at ISOC, on the threats which IoT brings and the questions it raises with a society as a whole and a common user or a state, or a private company, or the technical community in particular. How does the topic of Internet of Things (IoT) fit into your expertise? I started with the Internet Society four years ago and my focus was on deployment of key technologies to make the internet more secure and accessible: DNSSEC, routing security protocols, IPv6 etc. So, my background is security and communicating about security. But I ve always been interested in IoT. With the growth of the internet- 1
2 connected things gadgets, smartphones, wearables like Apple Watch and more things getting online network security becomes a great concern. Overtime we slowly got better at securing our laptops, smartphones and other devices. But now we re getting our refrigerators, baby-monitors, and all sorts of things on the internet. Look at this explosion of devices! I have a 6-year-old daughter, and I remember, when we got a baby-monitor that was basically a radio-thing. Now they are internet-connected and IPenabled, because people want to be able to go to work and watch their baby. First of all, the device is connected to the internet. And it is sending you data, a video-stream, to a server to which you have access through your phone. That data has to go through a number of points. This raises the question of transport security: is the data encrypted between your home and the server, and from the server to your smartphone? Then there's also the question of the device security. Can the attacker go into you network, get into that device and use it to look inside your house? There was a report a little while ago about the refrigerators that were being used as botnets: an attacker figured out how get into a smart refrigerator s interface, install there some malware that could then be used as bot to do DDoS attacks. I think it was Vint Cerf who said It s my worst nightmare, that a thousand of refrigerators hack Bank of America Exactly. You know, one of the challenges is the upgrade issue. For instance, look at this recent hacking experiment with the Chrysler Jeep in the US, where a journalist arranged for his Jeep to be hacked. The Jeep had an entertainment system that was internetconnected. Speaking of the security concerns around the IoT, that entertainment system was not compartmentalized from the rest of the car. The attackers were able to come in there over the wireless network into the entertainment system, compromise that and take control over the car. One issue is that internet-connected car obviously didn t have the security control in place, meaning that the attacker could compromise the entertainment system, and that system was not air-gapped. Another issue is how you upgrade these devices. When Chrysler Jeep needs an upgrade, you either have to bring your car to a dealer to do it or to download software to your USB-stick to do it yourself. How many people would necessarily do it on their own? There are small things like the Nest thermostat or internet-connected light bulbs that people can turn on remotely. But how much attention will be paid to upgrading their security? On the opposite extreme, Tesla has just released an upgrade for cars to make them selfdriving. Last week, somebody I know posted on social network, that he was downloading this upgrade to his Tesla car. Then he went on a 150 minutes drive, and the whole time the car drove itself but for only two minutes when he had to take control at some difficult parts on the Florida highway. But otherwise, he told the car where to go, and it just drove upon GPS instructions. But the upgrade happened over Wi-Fi. In contrast with the Chrysler model, when you have to upgrade with USB, Tesla is even more connected to the Internet with even more security challenges. It all comes back to trust in so many ways. If we want to use such technology, it is possible only if we trust the internet to be secure. I m wary of the whole self-driving 2
3 car concept when thinking of all the ways the car could be attacked. But I also know the benefits. I was flying back to Connecticut one night and I was too tired to drive home. So, I had to stay at the hotel that was a1 hour 30 minutes drive from my house and get some sleep so that I could drive home. In a self-driving car world I could have just said hey, drive me home, and if I trusted it and today it would still need some human intervention - I would be home with my family sooner. Would you say that the security challenge can slow down the deployment of IoT globally? At the moment, I don t think the security issues will slow it down because people want programmed convenience. From the market perspective, the vendors are rushing right ahead to win the market share. I think, at some point, there will be large-scale security issues for security incidents, which will cause more reflections and call for governments to get involved around consumer liability issues. If the vendors don t pay much attention to the security issues now, other players might get involved, which then can cause market impacts. Different levels of regulation could end up creating cost that could stifle innovation. That is why we believe that vendors need to be thinking about the security issues right now. Besides, security is a business issue in itself. Right. If a company is not paying attention to security, you will end up at some point with security breaches that are going to impact the trust in your product, in your credibility. If you look at the recent DEFCON security conference in Las Vegas area, a lot of the demos this year were all about IoT. It s a gigantic playground for people who are security researchers whether they are white hat or black hat. They want to do that, because so many devices get onto the market unprotected. This year the Chrysler Jeep story was partially done for that kind of audience. But there was also a live hack of a sniper rifle where you could change its orientation a little bit. So, if you re thinking that you devices security will not be tested by other people, you re naïve, because it will be. Another security report came out regarding baby-monitors security challenges, which were then filed with the respective companies. This was an ethical security research, but there could be less ethical people doing such testing. Are security solutions mostly focused on consumer devices or there are already some applying to businesses, industrial objects, like critical infrastructure that side of Internet of Things? Yes, there are lot of different layers to IoT, each of which has its own challenges, its own audiences on the security side and on the privacy side as well. It is interesting to look at the architectural models of your devices at home, or business, or anywhere else, that are communicating to the central hub, which then communicates back to servers. There s a number of different architectures each of which has different security and privacy concerns. Basically, you can learn about the internal infrastructure of a company from these servers. There are some security choices that we have of how these things are deployed that we are not necessarily thinking through. But we just rush to 3
4 get those technology benefits but we also need to make sure we re securing them correctly and we create a proper layer of trust. Would it be correct to say that for the moment there are efforts to create the uniformity in terms of standardization or finding solutions that would serve not just the particular niche, but a cluster? I think, we re seeing a lot of closed proprietary systems being developed right now, what we would call walled gardens. Because it is easier for a vendor to decide where they want to go, and you end up with a collection of solutions. But that s what we are seeing right now various alliances and consortiums emerge representing different vendors and different things in their closed environments. The problem is that when somebody stands out with innovative work that is often proprietary, at some point they would say it s in our business interests and come up with a new standard which would present a problem in terms of compatibility. But I think we re at the stage where we need to see where the market goes as people rush products to market, and try to win that space. At some point, the companies or the consumers might push back against being tied to one vendor or one consortium because of localized standard uniformity. At the moment, different standards are being developed at different platforms and at various levels. Within the IETF for instance there s a number of groups that are working on the IoT-related standards related to network transport level. The radio-related standards are developed within the ITU. But how global can standardization and regulation go when apparently different countries will want to have their own national legislation and their own certification. Could we probably end up with regional clusters? Yes. I think that s certainly one of those fragmentation issues around the standards. It s a very big concern for us globally for the internet in general because we see a lot of pressure from different areas, regions, countries running to set their own control over internet-related standards in general. It s not as plain as in ICANN, for instance, where all revolves around DNS and is based on the open internet standards which are the IETF standards. When you re getting to IoT, you re dealing with embedded operating systems, you re dealing with radios, and IEEE gets involved in some of the different physical interfaces. And then you get IETF standards as the network player with IP and IPv6 issues etc. So, you have a number of different standards there, that make it tricky in the regulatory sense too. And from what you ve seen there hasn t been a meaningful effort to unite all that? No, there have been groups, which are liaisoning between different standards organisations around these different topics. I m not personally involved, I m writing myself a note, that would be an excellent theme for us to talk about. In terms of IPv6, how much its slow development could or is slowing down IoT development? This is indeed a challenge, which has the potential to slow it down. We ve run out of IPv4 blocks here in Europe, in North America and Asia-Pacific as well. It s the case of 4
5 the source of the river, which has dried out. Now we are just dealing with the capacity of the river as it slowly continues to drain. This is the thing that puzzles me sometimes, when I talk to some vendors: I ask on IPv6, they say, Ah, we don t want to think about it. I ask: Do you understand, you are trying to deploy billions of new devices, and you just don t have the address block ranges? The good news is that the smarter IoT vendors realize the importance of the issue. Let us shift to the other side of this security complex. When we talk about devices and privacy concerns, companies always say, OK, you go to that tab, you opt out you re out of the game. How meaningful is that? There are all sorts of privacy concerns around IoT just because of the increasing amount of communicated data. One of the specific privacy challenges related to IoT is that, if we use an app or something like that, we can see those Terms of service, we can agree to it. But you ve got a smart refrigerator or a light bulb. Where is the user interface to say you want to opt in or opt out? There isn t. So, you have actually no way for a model where you have Terms of Service that you agree to. It simply doesn t work in an environment where everything is network-embedded and you have no user interfaces to it. And I don t know if there is an easy answer to that yet. But it seems to be less and less realistic to be able to give up a service not just technically but because we all don t live in a vacuum, we live in a social system, we are integrated in certain relationships within the community. I see that as a situation where you basically can t opt out because you can t opt out from a certain environment you live in, unless you just going to live in a forest. Exactly. It comes back to the question on how much of our privacy are we willing to give up for convenience of the service. If I want to be able to reach my home or office remotely, control my electricity spending etc., I need to admit that these services are building their business models around monetizing the data that circulates between home or office, central hub and the device. Besides, the whole talk around Save Harbor agenda might add yet another layer to this debate, like data transfer. Do you have any idea where this is potentially going? Yes indeed! That decision by the European Court of Justice is an interesting one. Before I joined the Internet Society, I had worked for a cloud vendor. We had this exact issue the European customers wanted their applications data to reside on servers that are not in the US, where the Patriot Act was enacted. So, it creates a really interesting challenge because we talk a lot about permission-less innovations whereby you don t have to ask permission from anybody to start up your own service. Wherever this service is started, you can do that and be able to access of the entire internet to make your service available to everyone. Now, if your innovation means you re storing user data, will you have to ensure that your European customers data is on European servers, or Russian customers data is on Russian servers? And we are back to the fragmentation issue. 5
6 Russia has passed a law requiring Russians personal data storage on the territory of the Russian Federation, which came into effect on 1 September This is the question of how do you support innovation that is fueled with the growth of internet-based economy. It looks that I can t offer my services to you in Russia unless I somehow figure out how to deal with the personal data of the Russian users of my product which I wrote with my two friends in my bedroom because we have this amazing new idea which will be the next Facebook. Now to make it in Russia, I ve got to be able to locate the data on a Russian server. The IoT plays right into that. If I want to sell my smart light bulbs in Russia, all that data that I m collecting from the Russian light bulbs users has to somehow come back to a Russian data-center which I then somehow have to connect to my data-center that might be in Europe, or in North America, or wherever. It is a serious business issue. It was a pain for my former employer to have to go to set up a separate data center and put up appropriate airgaps between the code and everything else. To go and make sure that European data stay in European servers. That was extra expense, extra software development. At the moment, many companies disclose in their transparency reports the law enforcement requests for user data which they receive. If this trend continues, triggered much by Snowden s revelations, when everyone rushed to publish their reports or at least retain the trust which was there, how can this be meaningfully continued? I agree that is certainly a challenge. Say, law-enforcement holds an investigation and needs to know if you were home on a certain day. You say you were home, they might want to subpoena your refrigerator records which show how many times the door was opened on that particular night. And all of a sudden you say you were home having dinner and drinking beer, and your refrigerator says, the door was not opened at all the entire time and the lights sensor says the no lights were on in your house. Then maybe your alibi doesn t really stand up! On the other hand, how trusted are those records? How do we know they were not compromised by somebody else or changed? Did anybody get in there and adjusted data so you weren t home even if you actually were? These are those security concerns, which are part of the grand scheme of things, which we have to work at. How do we ensure that law-enforcement can get the appropriate access where appropriate will vary by culture? The European version of what is appropriate access for lawenforcement will be different from the US version, which will be different from the Russian version. Obviously, some countries have a long history of privacy concerns and questions, and certainly others that do not necessarily have the same expectations. It is that question of how do we ensure necessary security capacity and do it in a way that doesn t block all developmental and convenience opportunities. What s your view of the communications encryption debate? How would that work with the proliferation of IoT? The debate is still on the table whether this should be default end-to-end encryption of communication, and as you know some 6
7 governments argue that they need to get backdoor opportunities to carry our effective law enforcement, but the techies say either you have it all, or nothing: you can t have preferential backdoors. We as the Internet Society have come out very strongly on this issue it s one of the few, I guess, extremely strong positions we have taken in supporting the Internet Architecture Board s statement. Encryption should be the default norm for all communications protocols across the internet. And we ve come out with that primarily because of the large-scale state surveillance issue, saying that the communication that implies privacy especially needs to be encrypted. Certainly, there are those among us who feel it should be end-to-end, there are others who want to focus on the transport ensuring that the state actors can t necessarily get to it on the network. That goes back to the question how we balance it with the legitimate needs of law-enforcement to obtain the information appropriately. You know, if my child is in danger I would want the law-enforcement every possible means to go and find the person. That becomes again a societal balancing. From the encryption point of view, we think that products should use encrypted protocols. That should be a norm of how these devices are developed, and law-enforcement needs to review their methods. We ve gone too far in having the large levels of mass surveillance, we need to look at how we protect ourselves. It s not just in sense of individuals, but also corporations and states which go for each others data which they have always done but with different means. There are efforts now to work out norms of state behavior in cyberspace at different levels. We see the UN Group of Governmental Experts, OSCE, Shanghai Cooperation Organization, even Microsoft as a private sector actor are all trying to work out these principles. There is another challenge that we focus on what we call a model of collaborate security which is this idea that no government alone can solve these security issues. We need to work together in this space. A number of governments including Russia call for an international treaty to ensure global security, but can the governments alone enforce it? And by the time we arrive at a treaty, it will be already outdated by the scope of technological evolution. Too often we are legislating things which are no longer relevant. One of the issues we ve been working on with the routing vendors is a project called MANRS which is mutually assured norms for routing security. It s a nonbinding, voluntary agreement between the entities that say, We re going to practice good hygiene on our data. This is a collaborative model of responsible behaviour as we like to say. In general, I think that security alone and privacy issues can overwhelm one when start to look through different things here and there. But if you look at the consumer benefits, the business benefits, the economic benefits, you get a different picture. I was a sceptic when I considered self-driving cars but then another friend of mine said, You know, I can t drive at night very well my eyesight is not very good. I would love a selfdriving car, because I can go longer distances at night. And you start to think the IoT has this capacity to change people s lives in very positive ways. I think the question we have as a society is how we enable the appropriate level of trust in the IoT and Internet of Everything as well to give us those opportunities. 7
KEEPING YOUR SANITY AS YOU EMBRACE CLOUD AND MOBILE
KEEPING YOUR SANITY AS YOU EMBRACE CLOUD AND MOBILE There s been lots of buzz about the tsunamis of change hitting IT. Talk of pivoting to the cloud, the growing mobile workforce, and the Internet of Things
More informationWearable Technology Evolution & Security: Grant Brown - Security Strategist Symantec
Wearable Technology Evolution & Security: Grant Brown - Security Strategist Symantec 3.58 KM 12.11 KPH 493 Calories 114 BPM WEARABLE TECH EVOLUTION AND SECURITY GRANT BROWN SECURITY STRATEGIST @thegrantbrown
More informationWHAT YOU NEED TO KNOW ABOUT CYBER SECURITY
SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes
More informationA parents guide to being Share Aware. Helping you to keep your child safe online
A parents guide to being Share Aware Helping you to keep your child safe online We tell children it s good to share, but online it s different. That s why we re asking parents to be Share Aware. Help keep
More informationSentrollers and The Internet of Things
White Paper May-2013 Sentrollers and The Internet of Things By: Cees Links, Founder and CEO GreenPeak Technologies www.greenpeak.com The new buzzword floating around the world is the Internet of Things,
More informationHIPAA Myths. WEDI Regional Affiliates. Chris Apgar, CISSP Apgar & Associates
HIPAA Myths WEDI Regional Affiliates Chris Apgar, CISSP Apgar & Associates Overview Missed Regulatory Requirements Common HIPAA Privacy Myths Common HIPAA Security Myths Other Related Myths Finding the
More informationWhite Paper: The SaaSy Approach to Delivering Electronic Health Records
This white paper explains how Amazing Charts in Cloud can transform your practice without forcing you to sacrifice productivity or take on the costs of hosting your own EHR. White Paper: The SaaSy Approach
More informationOne Voice. The most commonly used corporate telephone system is still the TDM PBX. Some companies
BT One We ve enjoyed being with you through the days of the Plain Old Telephone System. Over the years we ve supported your phone lines, your private branch exchanges and your calls. Now we re here to
More informationThe 12 Step Follow Up System Finally A Follow Up System That s Simple, FUN and Most Importantly PROFITABLE!
The 12 Step Follow Up System Finally A Follow Up System That s Simple, FUN and Most Importantly PROFITABLE! Copyright 2013, All Rights Reserved Nancy Matthews Page 1 Congratulations! Welcome you to the
More informationHong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
More informationDean Bank Primary and Nursery School. Secure Storage of Data and Cloud Storage
Dean Bank Primary and Nursery School Secure Storage of Data and Cloud Storage January 2015 All school e-mail is disclosable under Freedom of Information and Data Protection legislation. Be aware that anything
More informationHIPAA MYTHS: DON T ALWAYS BELIEVE WHAT YOU HEAR. Chris Apgar, CISSP
HIPAA MYTHS: DON T ALWAYS BELIEVE WHAT YOU HEAR Chris Apgar, CISSP 2015 OVERVIEW Missed Regulatory Requirements Common HIPAA Privacy Myths Common HIPAA Security Myths Other Related Myths Finding the Right
More informationStreaming and content sharing on Philips TVs
Streaming and content sharing on Philips TVs To support a wide selection of second-screen usage scenarios, the Philips TVs support various state-ofthe-art streaming applications. Philips MyRemote app featuring
More informationSelecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns
Selecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns by Sharon D. Nelson, Esq. and John W. Simek 2013 Sensei Enterprises, Inc. It seems like everybody is talking about the
More informationGreenPeak White Paper Wireless Communication Standards for the Internet of Things
GreenPeak White Paper Wireless Communication Standards for the Internet of Things By Cees Links, CEO GreenPeak Technologies GreenPeak Technologies www.greenpeak.com This white paper provides an overview
More informationNETWORK SECURITY, REIMAGINED FPO
FPO NETWORK SECURITY, REIMAGINED by Derek Korte AS TENS OF BILLIONS OF NEW DEVICES GET CONNECTED, BUSINESS AND SOCIETY MUST RETHINK SECURITY, PRIVACY, AND OPPORTUNITY Illustration JUSTIN GABBARD Smart
More informationKim: Thank you Todd, I m delighted to be here today and totally looking forward to our conversation.
Filename: P4P 019 The Facts of Life Insurance Todd: [0:00:18] Hey everybody, welcome to another edition of The Prosperity Podcast, this is No BS Money Guy Todd Strobel. Once again, we re lucky enough to
More informationBYOD report. Comms-care commissioned survey highlighting the change in Bring Your Own Device (BYOD) issues over the past twelve months
BYOD report Comms-care commissioned survey highlighting the change in Bring Your Own Device (BYOD) issues over the past twelve months new technologies 0833v1 BYOD report Security provisions for BYOD grow
More informationWe ve enjoyed being with you through the days of the Plain Old Telephone System.
BT One Voice BT One We ve enjoyed being with you through the days of the Plain Old Telephone System. Over the years we ve supported your phone lines, your private branch exchanges and your calls. Now we
More informationUPnP: The Discovery & Service Layer For The Internet of Things April 2015
UPnP: The Discovery & Service Layer For The Internet of Things April 2015 The First Chapter: The Connected Home In late 1999, the founding members of what would become the UPnP Forum started to put together
More informationHIPAA Myths. WEDI Member Town Hall. Chris Apgar, CISSP Apgar & Associates
HIPAA Myths WEDI Member Town Hall Chris Apgar, CISSP Apgar & Associates Overview Missed Regulatory Requirements Common HIPAA Privacy Myths Common HIPAA Security Myths Other Related Myths Finding the Right
More informationThe Open Internet Speech
The Open Internet Speech The Internet is fast becoming the dominant medium in the world. More than a third of the earth s population is connected. Facebook is the third largest country in the world and
More information3 Email Marketing Security Risks. How to combat the threats to the security of your Email Marketing Database
3 Email Marketing Security Risks How to combat the threats to the security of your Email Marketing Database Email Marketing Guide June 2013 Security Threats PROTECTING YOUR EMAIL DATABASE FROM HACKERS
More informationColleen s Interview With Ivan Kolev
Colleen s Interview With Ivan Kolev COLLEEN: [TO MY READERS] Hello, everyone, today I d like to welcome you to my interview with Ivan Kolev (affectionately known as Coolice). Hi there, Ivan, and thank
More informationAskAvanade: Answering the Burning Questions around Cloud Computing
AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,
More informationMulti-Factor Authentication
Making the Most of Multi-Factor Authentication Introduction The news stories are commonplace: Hackers steal or break passwords and gain access to a company s data, often causing huge financial losses to
More informationBeyond the Hype: Advanced Persistent Threats
Advanced Persistent Threats and Real-Time Threat Management The Essentials Series Beyond the Hype: Advanced Persistent Threats sponsored by Dan Sullivan Introduction to Realtime Publishers by Don Jones,
More informationAVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com
AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS ftrsecure.com Can You Separate Myths From Facts? Many Internet myths still persist that could leave you vulnerable to internet crimes. Check out
More informationChair: Stephen Darvill (Logica) Raporteur: Edward Phelps (EURIM) SUMMARY OF ROUND TABLE STATEMENTS AND DISCUSSION
1 Summary Report of the Directors Round Table on Information Governance, 1600-1800, 24 th November 2008, The Boothroyd Room, Portcullis House, Westminster Chair: Stephen Darvill (Logica) Raporteur: Edward
More informationHow to Meet EDI Compliance with Cloud ERP
How to Meet EDI Compliance with Cloud ERP Lincoln: This is Trek Talk, the Cloud ERP podcast and today s topic is Advantages of an EDI Compliant Cloud ERP. With cloud ERP you can meet your goals for EDI
More informationHow Network Operators Do Prepare for the Rise of the Machines
Internet of Things and the Impact on Transport Networks How Network Operators Do Prepare for the Rise of the Machines Telecommunication networks today were never designed having Inter of Things use cases
More informationYOUR GUIDE TO PANDORA 5OOO CAR SECURITY SYSTEM
RUSSIAN DESIGN CAR SECURITY SYSTEMS YOUR GUIDE TO PANDORA 5OOO CAR SECURITY SYSTEM Welcome to your guide for Pandora car security systems. This guide is mainly focused on our flagman Pandora 5OOO product
More informationEnterprise mobility trends 2015 and beyond
Sponsored by >> Whitepaper Enterprise mobility trends 2015 and beyond How to best manage mobile in the workplace and deal with challenges from current and emerging technologies FEBRUARY 2015 resources
More informationIs Cloud Computing Inevitable for Lawyers?
Is Cloud Computing Inevitable for Lawyers? by Sharon D. Nelson and John W. Simek 2015 Sensei Enterprises, Inc. Not a single day goes by when you don t hear something about cloud computing. It could be
More informationTHE TOP 5 WAYS TODAY S SCHOOLS CAN UPGRADE CYBER SECURITY. Public School Cyber Security is Broken; Here s How to Fix It
THE TOP 5 WAYS TODAY S SCHOOLS CAN UPGRADE CYBER SECURITY Public School Cyber Security is Broken; Here s How to Fix It COPYRIGHT 2015 isheriff, INC. SCHOOLS NEED TO UPGRADE CYBER SECURITY It s become a
More informationBEHIND OUR DIGITAL DOORS: CYBERSECURITY & THE CONNECTED HOME. Executive Summary
BEHIND OUR DIGITAL DOORS: CYBERSECURITY & THE CONNECTED HOME Executive Summary In support of National Cyber Security Awareness Month (October), ESET and the National Cyber Security Alliance (NCSA) commissioned
More informationWi-Fi Security. More Control, Less Complexity. Private Pre-Shared Key
Wi-Fi Security More Control, Less Complexity Private Pre-Shared Key Mobility Meets Security Are the consumer devices in your environment exploding? Are your employees bringing their own devices? And has
More informationStandardizing the Internet of Things; Boiling the Ocean
Standardizing the Internet of Things; Boiling the Ocean Jim Sinopoli, PE, LEED AP Smart Buildings LLC By now, we all know the basics of the Internet of Things (IoT). Everything will be connected to every
More informationClouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst
Clouds on the Horizon Cloud Security in Today s DoD Environment Bill Musson Security Analyst Agenda O Overview of Cloud architectures O Essential characteristics O Cloud service models O Cloud deployment
More information30 BILLION RISKS AND REWARDS OF CONNECTED DEVICES THE INTERNET OF THINGS CYBER LANDSCAPE TODAY
RISKS AND REWARDS OF CONNECTED DEVICES THE HIDDEN INTERNET OF THINGS ISACA 2015 IT RISK / REWARD BAROMETER The Internet of Things paints a vision of a carefree, seamlessly connected world where interconnected
More informationInternet of Things From Idea to Scale
PRG Symposium Internet of Things From Idea to Scale September 12, 2014 alex.blanter@atkearney.com @AlexBlanter You are here today because you are interested in the Internet of Things and so is everybody
More informationplatforms Android BlackBerry OS ios Windows Phone NOTE: apps But not all apps are safe! malware essential
Best Practices for Smartphone Apps A smartphone is basically a computer that you can carry in the palm of your hand. Like computers, smartphones have operating systems that are often called platforms.
More informationSmall businesses: What you need to know about cyber security
Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...
More informationToday s mobile ecosystem means shared responsibility
It seems just about everybody has a mobile phone now, including more than three-quarters of U.S. teens and a rapidly growing number of younger kids. For young people as well as adults, the technology has
More informationHow the Lizard Squad Took Down Two of the Biggest Networks in the World
1 How the Lizard Squad Took Down Two of the Biggest Networks in the World During the 2014 Christmas holidays, millions of people all over the world were subjected to an unwanted gift. They sat down to
More informationBest Practices in Mobile Enterprise App Strategy, Development and Deployment
Best Practices in Mobile Enterprise App Strategy, Development and Deployment A Customer Conversation with Daimler Trucks North America Recorded: December 9, 2011 TRANSCRIPT Participants: Moderator: Joanie
More informationMark Corcoran interviews Timothy Pilgrim Australian Privacy Commissioner.
1 Foreign Correspondent. Mark Corcoran interviews Timothy Pilgrim Australian Privacy Commissioner. Q What s your perspective on the significance of this emerging technology, UAV or drone technology, as
More informationMonetizing The Internet Of Things: A Convenient How Not To Guide. Paul R Brody Principal & Strategy Leader, Technology Sector July 2015
Monetizing The Internet Of Things: A Convenient How Not To Guide Paul R Brody Principal & Strategy Leader, Technology Sector July 2015 The future is already here, it s just not evenly distributed. William
More informationHome Automation and Cybercrime
Trend Micro Incorporated Research Paper 2013 Home Automation and Cybercrime By: Ranieri Romera Contents Introduction...1 Distribution...2 Installation...3 Backdoor...3 Network Traffic Encryption... 5 Infrastructure...7
More informationWhy You Need Email Archiving
Why You Need Email Archiving www.exclaimer.com Table of Contents Introduction...2 The IT Administrator...3 The Email User...5 The Team Leader...6 The Senior Manager/Business Owner...7 Conclusion...8-1
More informationIT & DATA SECURITY BREACH PREVENTION A PRACTICAL GUIDE. Part I: Reducing Employee and Application Risks
IT & DATA SECURITY BREACH PREVENTION A PRACTICAL GUIDE Part I: Reducing Employee and Application Risks As corporate networks increase in complexity, keeping them secure is more challenging. With employees
More informationBring your. own device
Bring your own device BYOD One thing is clear: Bring Your Own Device has landed and is here to stay. Employers need to understand what it means, the benefits it could bring and the risks it presents to
More informationHow To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device
Ten Tips for Managing Risks on Convergent Networks The Risk Management Group April 2012 Sponsored by: Lavastorm Analytics is a global business performance analytics company that enables companies to analyze,
More informationThe Truth About Enterprise Mobile Security Products
The Truth About Enterprise Mobile Security Products Presented by Jack Madden at TechTarget Information Security Decisions 2013 Welcome to my enterprise mobile security product session! Instead of printing
More information"Bring Your Own Device" Brings its Own Challenges
6 June 2012 "Bring Your Own Device" Brings its Own Challenges By Susan McLean and Alistair Maughan The consumerisation of IT is the growing trend for information technology to emerge first in the consumer
More informationMOBILE MARKETING. A guide to how you can market your business to mobile phone users. 2 April 2012 Version 1.0
MOBILE MARKETING A guide to how you can market your business to mobile phone users 2 April 2012 Version 1.0 Contents Contents 2 Introduction 3 Skill Level 3 Terminology 3 Video Tutorials 4 What is Mobile
More informationInternet of Things (IoT): A vision, architectural elements, and future directions
Internet of Things (IoT): A vision, architectural elements, and future directions By IOT Group Salah Amean Ahmmed Saeed Authors: Gubbi, Jayavardhana Buyya, RajkumarMarusic, Slaven Palaniswami, Marimuthu
More informationTNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
More informationSSL Encryption and Traffic Inspection ADDRESSING THE INCREASED 2048-BIT PERFORMANCE DEMANDS OF 2048-BIT SSL CERTIFICATES
SSL Encryption and Traffic Inspection ADDRESSING THE INCREASED 2048-BIT PERFORMANCE DEMANDS OF 2048-BIT SSL CERTIFICATES Contents Introduction 3 SSL Encryption Basics 3 The Need for SSL Traffic Inspection
More informationCopyright 2015 EMC Corporation. All rights reserved. 1
Copyright 2015 EMC Corporation. All rights reserved. 1 ROADMAP INFORMATION DISCLAIMER EMC makes no representation and undertakes no obligations with regard to product planning information, anticipated
More informationHere a token, there a token...
Here a token, there a token... By PYMNTS@pymnts - What s Next In Payments 6:15 AM EDT June 26th, 2015 Tokenization may not be new, but it is a hot topic in payments, thanks to the introduction of the network
More informationThe Internet of Things Risks and Challenges
The Internet of Things Risks and Challenges Providing the insight that enables our customers to make informed business decisions. Antony Price 03rd March 2015 Contents Internet of Things - The next threat
More informationSales Presentation Renovation
Sales Presentation Renovation The Sales Presentation is one of the final steps toward the great sales divide, getting a signature on the dotted line or losing the business. How you perform in this presentation
More informationNCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.
NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities
More informationService Providers and WebRTC
Whitepaper Service Providers and WebRTC New Product Opportunities Over- the- Top (OTT) services are those that deliver communications features to customers but are apps running on the data network rather
More informationAn Update on Mobility in Today s Internet. Geoff Huston, APNIC Labs November 2015
An Update on Mobility in Today s Internet Geoff Huston, APNIC Labs November 2015 Why? Why should we be concerned about the mobile Internet environment? Why? Why should we be concerned about the mobile
More informationCombating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center
Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average
More informationARP and DNS. ARP entries are cached by network devices to save time, these cached entries make up a table
ARP and DNS Both protocols do conversions of a sort, but the distinct difference is ARP is needed for packet transfers and DNS is not needed but makes things much easier. ARP Address Resolution Protocol
More informationJust Net Coalition statement on Internet governance
Just Net Coalition statement on Internet governance (Just Net Coalition is a global coalition of civil society actors working on Internet governance issues) All states should work together to provide a
More informationTHEIR Things or OUR Things? It s a sad, rainy day. Your house: today and in 2025. 2 Think about your own life. 3 If 2025 is like today, this is true.
Presentation to IoT Silicon Valley, 2015-01-20 1 Usually shiny new thing presentation. This is not. THEIR Things or OUR Things? Two goals: 1. Think about the big picture. Extrapolate. World you want for
More informationCloud Computing: The Gathering Storm
Cloud Computing: Independent research Martin Wootton, RS Consulting Cloud Computing: The Gathering Storm What UK consumers really feel about cloud-based services We rely more than ever on computing and
More informationHow To Get A Story Out Of A Story
Public Relations in the Education market The essence of PR is a clash of wants and desires. PR involves telling journalists, producers and editors about your product or service in a way that results in
More informationConnecting things. Creating possibilities. A point of view
Connecting things. Creating possibilities. A point of view Is the next technological revolution already here? The Internet of Things is already transforming our daily lives, our health, education and businesses.
More informationSecuring our information we have the technology; we just have to have the will to do it
Interview with Arjen Kamphuis, information technology specialist Securing our information we have the technology; we just have to have the will to do it Author: Valentina Novak "The hackers need you as
More informationSMALL BUSINESS IT SECURITY PRACTICAL GUIDE
SMALL BUSINESS IT SECURITY PRACTICAL GUIDE How to make sure your business has comprehensive IT security protection #protectmybiz Small businesses come in all shapes and sizes. But in today s world, no
More informationThank you so much for having me. I m really excited to be here today.
Welcome to The Boomer Business Owner. My guest today is Ty Crandall. Ty is an honorary Baby Boomer, internationally known speaker, author, and business credit expert. With over 16 years of financial experience,
More informationLife With Hope I m Not An Addict I M NOT AN ADDICT 147
I M NOT AN ADDICT How could I be an addict? My life is great. I live in a very good area of Los Angeles, drive a nice sports car, have a good job, pay all my bills, and have a wonderful family. This is
More informationSeven Ways to Create an Unbeatable Enterprise Mobility Strategy
Seven Ways to Create an Unbeatable Enterprise Mobility Strategy A practical guide to what business and IT leaders need to do NOW to manage their business s mobile future By Arun Bhattacharya, CA Technologies
More informationDigital Citizenship Lesson Plan
Digital Citizenship Lesson Plan This course is to help people to understand how to use the Internet in a safe, productive way. Additional resources and links are available on the TechTECS website. http://techtecs.com/digital-citizenship
More informationThe partnership has also led to a joint library catalogue between Suffolk and Cambridgeshire.
Case study: SPINE 2 What Our questionnaire response tells us that SPINE (Shared Partnership in the East) is: A partnership of library authorities comprising Cambridgeshire, Suffolk and Norfolk, focused
More informationWatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com
SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION
More informationMonitoring the team s performance
Monitoring the team s performance Why does your team need to be monitored? How can performance be monitored? You should ensure that you monitor only what is really important. In the two BS2 sessions Making
More informationCyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799
Cyber Security An Executive Imperative for Business Owners SSE Network Services www.ssenetwork.com 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799 Pretecht SM by SSE predicts and remedies
More informationHow to make a VPN connection to our servers from Windows 8
How to make a VPN connection to our servers from Windows 8 Windows 8 is able to make a newer type of VPN connection called a Secure Socket Tunnelling Protocol (SSTP) connection. This works just like a
More informationShould you allow your employees to bring their own technology to work?
Should you allow your employees to bring their own technology to work? August 2014 Should you allow your employees to bring their own technology to work? Known by a number of terms such as Bring Your Own
More informationWHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR
KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST Protecting Identities. Enhancing Reputations. IDT911 1 DATA BREACHES AND SUBSEQUENT IDENTITY THEFT AND FRAUD THREATEN YOUR ORGANIZATION
More informationMusic, Film, TV and the Internet. A guide for parents and teachers
Music, Film, TV and the Internet A guide for parents and teachers Music, film and TV on the internet what you should know There are many great ways of accessing music, film, TV and video safely and legally
More informationSeven Things You Must Know Before Hiring a Real Estate Agent
Seven Things You Must Know Before Hiring a Real Estate Agent 1 Introduction Selling a home can be one of the most stressful situations of your life. Whether you re upsizing, downsizing, moving across the
More informationInternet of Things (IoT): Security Awareness. Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com
Internet of Things (IoT): Security Awareness Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com So What is the Internet of Things Network of physical objects embedded with: Electronics, software, sensors
More informationSMALL BUSINESS IT SECURITY PRACTICAL GUIDE
SMALL BUSINESS IT SECURITY PRACTICAL GUIDE How to make sure your business has comprehensive IT security protection #protectmybiz Small businesses come in all shapes and sizes. But in today s world, no
More informationA Future Without Secrets. A NetPay Whitepaper. www.netpay.co.uk www.netpay.ie. more for your money
A Future Without Secrets A NetPay Whitepaper A Future Without Secrets The new business buzz word is Big Data - everyone who is anyone in business is talking about it, but is this terminology just another
More informationINFORMATION SECURITY GUIDE. Cloud Computing Outsourcing. Information Security Unit. Information Technology Services (ITS) July 2013
INFORMATION SECURITY GUIDE Cloud Computing Outsourcing Information Security Unit Information Technology Services (ITS) July 2013 CONTENTS 1. Background...2 2. Legislative and Policy Requirements...3 3.
More informationFirst of all Let's look at how you would connect your laptop via Ethernet, as it is the easier of the two methods.
How to get a Internet Connection on your laptop This guide will help you to get an internet connection on your laptop either via Wi-Fi (e.g. in a café or hotel) or via Ethernet (the RJ45 type connector
More informationThanasis Velios podcast
podcast Hello, and welcome to this JISC podcast interview. In this series we re speaking to people working on projects being funded by JISC s research data spring project to find out more about what they
More informationZCorum s Ask a Broadband Expert Series:
s Ask a Broadband Expert Series: The Advantages of Network Virtualization An Interview with Peter Olivia, Director of Systems Engineering ZCorum 1.800.909.9441 4501 North Point Parkway, Suite 125 Alpharetta,
More informationThere are two new acronyms affecting most businesses today. And, like all change, these can have both positive and negative impacts on your business.
There are two new acronyms affecting most businesses today. And, like all change, these can have both positive and negative impacts on your business. We put this document together to help you understand
More informationThe Ubiquitous Web, UPnP and Smart Homes
The Ubiquitous Web, UPnP and Smart Homes Franklin Reynolds Nokia Research Center, Cambridge franklin.reynolds@nokia.com 1 NOKIA PCG.PPT / 15 6 2004 / Franklin Reynolds Our Vision "The essence of this vision
More information5IMPROVE OUTBOUND WAYS TO SALES PERFORMANCE: Best practices to increase your pipeline
WAYS TO 5IMPROVE OUTBOUND SALES PERFORMANCE: Best practices to increase your pipeline table of contents Intro: A New Way of Playing the Numbers Game One: Find the decision maker all of them Two: Get ahead
More informationYour guide to using new media
Your guide to using new media A comprehensive guide for the charity and voluntary sector with tips on how to make the most of new, low cost communication tools such as social media and email marketing.
More informationA Parents Guide to. 2014 ConnectSafely.org
A Parents Guide to 2014 ConnectSafely.org Parenting in the age of social media can be tricky. Australians are amongst the highest users of social media in the world, averaging 22 hours per week per person.
More information