Blog

We are in the GDPR home straight with the finish line in sight. However, that thing we see is not the finish line but the deadline. We are now only weeks away from the inception of the new GDPR regulation, that fundamentally changes the way organizations manage, process and protect personal information.

Are organizations ready to manage consent, reporting of a data breach, subject access requests etc., etc.?

Do organizations understand how exposed their business and brand could be?

Is the #RSA security bubble bursting?

Reflecting on what was a very long and industrious week in San Francisco, it’s important to try and decode, decipher, and maximize the investment in such an event.

With record numbers of people attending and over 1,700 security companies present, of which most customers apparently buy from over 50 on average, the security web is only becoming more prevalent and significant to us all.

Back in April 2017, Device Authority’s CTO Rao Cherukuri wrote a blog titled “IoT Security is too critical to be an optional extra – Security by design, from the beginning” – detailing key recommendations for securing IoT devices.

We continue to see a distinct difference between security products and secure products. Which is also the difference between detect/respond and protect/prevent. Prevention is better than cure.

Connected medical devices help improve patient health in many ways, such as allowing doctors to adjust implanted devices without resorting to dangerous invasive procedures, transmitting vital medical data remotely, performing real-time patient monitoring in intensive care units, and much more. But with those rewards come risks. Medical IoT devices also present significant potential security hazards, and they’re getting worse.

The importance of protecting Identity, Integrity and Data security policies of participating IoT nodes in the Blockchain network 

A blockchain network is only as secure as its infrastructure

As predicted, botnet enabled malware attacks continue. The latest discovered is Okiru (meaning Wake Up in Japanese).  Okiru has the potential to reach BILLIONS of Internet of Things (IoT) devices due to its implementation! Okiru’s release specifically highlights the exposure of unsecure IoT devices again and continues to show the sophistication of hackers in utilizing IoT connected devices in orchestrating significant attacks.

It’s the start of a new year, and while everyone has reflected on 2017, emphasis is on making an even bigger impact in 2018 for the whole IoT ecosystem: IoT platforms, certificate authorities, device OEMs, IoT gateways, system integrators and ISVs.

The IoT market is continuing to grow with the install base of IoT devices set to reach over 30 billion by 2020 (according to IHS) and this brings a wealth of benefits and challenges.

But how will this affect what will happen in 2018? Read on…

Last month (November 2017), the European Union Agency for Network and Information Security (ENISA) published a report on ‘Baseline Security Recommendations for IoT in the context of Critical Information Infrastructures’ which included input from ARM, Kaspersky Lab, Symantec, Huawei, Siemens, IBM, Microsoft and many more. The report provides insight into IoT security, looking at the various attack surfaces and threats, and proposing best practices and security recommendations to protect IoT devices, data and systems.

Back in October 2016 we experienced the Mirai botnet malware, which leveraged the use of weak credentials, particularly passwords – usually guessing the default passwords which manufacturer’s ship devices with. The solution? Easy, just update your password!

Back in October 2016 we experienced Mirai, which took down popular websites and services including Twitter, Airbnb and Netflix. Mirai leveraged the use of weak credentials, particularly passwords – usually guessing the default passwords which manufacturer’s ship devices with. The solution? Easy, just update your password!