Internet of Things (IoT): Security Awareness. Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com

Similar documents
BYOzzzz: Focusing on the Unsolved Challenges of Mobility, An Industry Perspective

The Internet of Things Risks and Challenges

How To Understand The Power Of The Internet Of Things

Emerging Technologies in Healthcare:

The Internet of Things (IoT) Opportunities and Risks

The Internet of Things (IoT) and Industrial Networks. Guy Denis Rockwell Automation Alliance Manager Europe 2015

Connecting things. Creating possibilities. A point of view

Securing Smart City Platforms IoT, M2M, Cloud and Big Data

Securing the Growth of IoT and M2M

Transformational Smart Cities: cyber security and resilience

IoT basics: Getting started with the Internet of Things

Security Threats on National Defense ICT based on IoT

IoT Prospects of Worldwide Development and Current Global Circumstances

The Internet of Things (IoT)

How to build a security assessment program. Dan Boucaut

What is Really Needed to Secure the Internet of Things?

Security Issues with Integrated Smart Buildings

CONECTIVIDAD EN LA ERA DEL IOT THE INTERNET OF THINGS

Bring Your Own Internet of Things: BYO IoT

The Amazing Future of the IoE

internet of things Patrick Pax Business Development Manager Chris Geary Innovation Manager

GOVERNMENT AND THE INTERNET OF THINGS (IOT) FINDINGS AND RECOMMENDATION OF ATARC S INTERNET OF THINGS INNOVATION LAB NOVEMBER, 2015

Fostering Incident Response and Digital Forensics Research

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis,

Frost & Sullivan s. Aerospace, Defence & Security Practice. Global Industrial Cyber Security Trends

Internet of Things markets

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT

GEMALTO M2M KEY TECHNOLOGY TRENDS OF M2M

M2M Communications and Internet of Things for Smart Cities. Soumya Kanti Datta Mobile Communications Dept.

Cisco to work with JDA to make Jaipur a smart city- Economic Times-21 May

FORRESTER CONSULTING INTERNET OF THINGS SURVEY - KEY FINDINGS. Building Value from Visibility: 2012 Enterprise Internet of Things Adoption Outlook

This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.

Dr. György Kálmán

Update On Smart Grid Cyber Security

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

M2M & Internet of Things Opportunities

How To Protect Your Network From Attack

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE

SECURITY & ACCESS CONTROL SYSTEM BASED PROJECTS

IOT: When Things Crawl Into Your Corporate Network #RSAC

Affordable Building Automation System Enabled by the Internet of Things (IoT)

In the pursuit of becoming smart

The Internet of Things

SCADA System Security. ECE 478 Network Security Oregon State University March 7, 2005

Leveraging the Internet of Things in Marketing

EU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015

Now and Tomorrow. IEEE/AICCSA Conference November 2014 Malike Bouaoud Cyber Security Advisor

Trusted Network Connect (TNC)

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

Airports and their SCADA Systems. Dr Leigh Armistead, CISSP. Peregrine Technical Solutions

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz , ICSG 2014

OCR LEVEL 3 CAMBRIDGE TECHNICAL

KEY STEPS FOLLOWING A DATA BREACH

A ZK Research Whitepaper. November e t. It s INTERNET OF THINGS

Development and Outlook of Internet of Things in China. CATR of MIIT June 5, 2012

An Introduction to the Internet of Things (IoT)

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8.

Business models in the Internet of Things. Miriam Cordero Head of Strategy - BT

Cyber Security for SCADA/ICS Networks

MES and Industrial Internet

SECURITY CONSIDERATIONS FOR LAW FIRMS

Smart Substation Security

Technology Implications of an Instrumented Planet presented at IFIP WG 10.4 Workshop on Challenges and Directions in Dependability

- M2M Connections & Modules: Network connections, sim-cards, module types.

Facing Up to the Threats of Cyber A6acks in a 5G World

The Internet of Things From a User Perspective: Enhancing user experience in networks with multiple devices

WHITE PAPER Security in M2M Communication What is secure enough?

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013

The Industrial Internet of Things. Overcoming Adoption Challenges to Release the Value Within IIoT

The Importance of Cybersecurity Monitoring for Utilities

PCI Solution for Retail: Addressing Compliance and Security Best Practices

CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.

13 Ways Through A Firewall

RIOT CONTROL The Art of Managing Risk for Internet of Things

Information Technology Branch Access Control Technical Standard

Detailed Description about course module wise:

exceet Secure Solutions Smart & Secure Network From Vision to Reality

White Paper. Information Security -- Network Assessment

Cloud Computing Risks & Reality. Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com

Impact of Internet of Things (IoT) on Industry and Supply Chain

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Protecting Critical Infrastructure

Challenges. Department of Informatics University of Oslo. Presenter. October 25, 2011

PROJECT BOEING SGS. Interim Technology Performance Report 1. Company Name: The Boeing Company. Contract ID: DE-OE

EEI Business Continuity. Threat Scenario Project (TSP) April 4, EEI Threat Scenario Project

8/27/2015. Brad Schuette IT Manager City of Punta Gorda (941) Don t Wait Another Day

Connecting the Internet of Things Inside the Home

M2M. In an IoT World. Whitepaper.

Cyber Security. Securing Your Mobile and Online Banking Transactions

Transcription:

Internet of Things (IoT): Security Awareness Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com

So What is the Internet of Things Network of physical objects embedded with: Electronics, software, sensors Network connectivity Ability for objects to collect and exchange data Objects to be sensed and controlled remotely across existing network infrastructure Direct integration between the physical world and computerbased systems Resulting in improved efficiency, accuracy and economic benefit

So What is the Internet of Things Each thing is uniquely identifiable through its embedded computing system Able to interoperate within the existing Internet infrastructure It is estimated that only 1% of things are connected to the Internet today and that IoT will consist of almost 30-50 billion objects by 2020

Smart IoT Implementations Cities Smart Parking Noise Urban Maps Traffic Congestion Smart Lighting Structural Health Waste Management Environment Forest Fire Detection Earthquake Early Detection Landslide and Avalanche Air Pollution Retail Product Management Supply Chain Control Intelligent Shopping Applications NFC Payments RFID Room Charges Water River Floods Water Quality Water Leakage Transportation Cars

Security Issues of IoT

So What are the issues with IoT Vendors are more concerned with getting the things out on the Internet Speed to Market, being first Connectivity is more important than security End Users may not know a device is connected Vendors may not understand threats and risks

IoT Threats and Risks Attacks on Devices Control or damage the device Use the device for distributed computing Attack other Systems with the Device Compromise and attack other systems/devices through distributed computing Use the Device for Information Gathering Network sniffing and data collection Vendor Views Who would want to attack a washing machine, toaster oven or wearable

Industrial IoT Smart Meters and Grid Controls Interconnected Minimal Human Monitoring mainly M2M SCADA Systems Minimal Security Designed as Closed System

Retail IoT Point of Sale Systems, Scanners, Kiosks Mobile Device Payment Applications Radio-frequency identification (RFID) Debit, Credit Cards, Hotel Near Field Communication (NFC) Mobile Payments Coupons Instore Customer Tracking Many systems are outdated & left unpatched

Smart Home IoT Security Privacy Authentication Internet Access Consumer Education http://www.zigbee.org/

Internet and the IoT Webcams Businesses, Cities, Vacation Resorts, Highways, etc. Open Webservers for IoT Devices Home Automation Accessible via Routers Unpatched or not Password Protected Smart Home WiFi Leakage WiFi Passwords

Today s Security Incidents Card Skimmers Cyber Espionage Point of Sales Intrusions Web Application Attacks Physical Loss or Theft Denial of Service Attacks Crimeware Errors Insider Misuse Everything Else

A World of Things Things are - Designed, Created, Implemented and Connected by People Data is Collected and Stored by People People are still our weakest link in Security and Privacy It is easier to integrate Security and Privacy upfront, than fix later

IoT Security Network Security Architecture Network, Application and Device Segmentation or Segregation Understand your network and how it functions Vendor Understand the device security capabilities Control vendor access to the network Understand the associated risks Implement Compensating Security Controls Monitoring IDS, SIEM, Network, Switches, Routers Applications

IoT Information Security & Privacy Information Security and Privacy is not just about having strong passwords, its about Governance, Risk Management, understanding where your Information resides, Implementing Security Controls, Monitoring and Reporting This means The Internet of Things as well!

Questions

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information