IoT Security and Risk Management

Similar documents
Internet of Things. Security Challenges & Risk Management. Col Inderjeet Singh Director Smart Cities, Scanpoint Geomatics 12 May 2017

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Threat Control and Containment in Intelligent Networks. Philippe Roggeband - Product Manager, Security, Emerging Markets

CYBER SECURITY AIR TRANSPORT IT SUMMIT

Cyber Security in Smart Commercial Buildings 2017 to 2021

Cybersecurity Auditing in an Unsecure World

Real estate predictions 2017 What changes lie ahead?

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Choosing the Right. Ethernet Solution. How to Make the Best Choice for Your Business

Cyber Security: Threat and Prevention

IoT, Cloud and Managed Services Accelerating the vision to reality to profitability

Cyber Threat Landscape April 2013

Digital Trust Ecosystem

Strategies for a Successful Security and Digital Transformation

OpenbankIT: a banking platform for e- money management based on blockchain technology

Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide

716 West Ave Austin, TX USA

Personal Cybersecurity

Cloud-Enable Your District s Network For Digital Learning

Mobile World Congress Claudine Mangano Director, Global Communications Intel Corporation

Introduction to Device Trust Architecture

Strong Security Elements for IoT Manufacturing

DEALING WITH A CYBER FUTURE THAT IS ALREADY HERE. Rob Clyde, CISM, ISACA International VP, Board Member April 2015

CYBER SOLUTIONS & THREAT INTELLIGENCE

RED HAT ENTERPRISE LINUX. STANDARDIZE & SAVE.

2017 THALES DATA THREAT REPORT

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

Verizon Software Defined Perimeter (SDP).

Managing SaaS risks for cloud customers

Banking Technology Trends

Operationalizing the Three Principles of Advanced Threat Detection

Vendor Risk Management. How to Confront Third-Party Cyber Risk in Your Supply Chain

Smart Data Center From Hitachi Vantara: Transform to an Agile, Learning Data Center

A new approach to Cyber Security

Digital Transformation through Open Software Defined Infrastructure Justin Dustzadeh, Vice President and Head of Global Infrastructure Network

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Why the cloud matters?

EMERGING TRENDS IN WHITE COLLAR CRIMES

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

in collaboration with

European Union Agency for Network and Information Security

Supply Chain Integrity and Security Assurance for ICT. Mats Nilsson

City as a Platform: From Vision to Reality

CLOUD COMPUTING. The Old Ways Are New Again. Jeff Rowland, Vice President, USAA IT/Security Audit Services. Public Information

BYOD the HP Way: Secure, Device-Agnostic Network Access Management Jochen Fischer Solution Architect (MASE) September 2013

Cyber Security Updates and Trends Affecting the Real Estate Industry

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

Internet of Things (IoT) Securing the Connected Ecosystem

Fine-Grained Access Control

What It Takes to be a CISO in 2017

The Internet of Things. Presenter: John Balk

Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs

Cisco Borderless Networks Value Proposition

10 Hidden IT Risks That Might Threaten Your Business

Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter

Cyber-Threats and Countermeasures in Financial Sector

WHITE PAPER. Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale

Copyright 2011 Trend Micro Inc.

Accelerating growth and digital adoption with seamless identity trust

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

SOC for cybersecurity

Building a data savvy digital infrastructure. Fujitsu and NetApp Together. Jim Croyle Partner Solutions Manager, APAC

STRONG PROFITS AND NEW MARKET OPPORTUNITIES SAMU KONTTINEN Capital Market Day 16 Sept 2015

SECURING THE CONNECTED ENTERPRISE.

Governance Ideas Exchange

M2M in the Real World: Security Best Practices and Lessons Learned

Key Authentication Considerations for Your Mobile Strategy

Angela McKay Director, Government Security Policy and Strategy Microsoft

INTELLIGENCE DRIVEN GRC FOR SECURITY

A company built on security

Achieving End-to-End Security in the Internet of Things (IoT)

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Implementing Your BYOD Mobility Strategy An IT Checklist and Guide

Cloud Computing Overview. The Business and Technology Impact. October 2013

Mastering The Endpoint

Retail Security in a World of Digital Touchpoint Complexity

Next Generation Policy & Compliance

Cloud Security Myths Paul Mazzucco, Chief Security Officer

Understanding Persistent Connectivity: How IoT and Data Will Impact the Connected Data Center

Accelerate Your Enterprise Private Cloud Initiative

Cyber Due Diligence: Understanding the New Normal in Corporate Risk

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

Cyber Security. Activities of an national insurance association based on the example of VVO

Cyber Threat XChange: A New Approach to Managing Security

Digital Network Architecture

5g Use Cases. Telefonaktiebolaget LM Ericsson 2015 Ericsson July 2015

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Don t Be the Next Headline! PHI and Cyber Security in Outsourced Services.

Seagate Point of View Cloud and Data Center Trend

Managing Cyber Risk. Robert Entin Executive Vice President Chief Information Officer Vornado Realty Trust

2017 Cyber Incident & Breach Readiness Webinar Will Start Shortly

Understanding Cyber Insurance & Regulatory Drivers for Business Continuity

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

Cyber, An Evolving Ecosystem: Creating The Road For Tomorrows Smart Cities

Deploying Modern Video Surveillance in Restaurants with the Cloud

Executive Insights. Protecting data, securing systems

THALES DATA THREAT REPORT

Connected Experiences

USE CASES BROADBAND AND MEDIA EVERYWHERE SMART VEHICLES, TRANSPORT CRITICAL SERVICES AND INFRASTRUCTURE CONTROL CRITICAL CONTROL OF REMOTE DEVICES

Transcription:

SESSION ID: GPS1-R03 IoT Security and Risk Management Tyson Macaulay Chief Security Strategist, Fortinet

IoT Security is a BIG STORY!

Security as a % of IT Budget 4% 7% 20 Billion+ devices? 2% Source: Gartner: 2005 to 2015 2005 2010 2015 2020

CEO s Guide to IoT Security AT&T, March 2016 IoT deployments are on the rise How many connected devices do you have in your organization? 85% of global organizations are considering, exploring, or implementing an IoT strategy 35% 32% 5% 1% 20% 8% None Fewer than 100 100-999 1,000-4,999 5,000+ Don't know 10% of organizations are fully confident that their connected devices are secure Source: AT&T, March 2016

Customers looking for IoT security services Source: Fortinet, May 2016

Threat Agents in the IoT Criminals Hacktivists Industrial Spies Nation States Terrorists Insiders Chaotic Actors & Vigilantes Regulators

Top Threats to the IoT (the short list) Regulatory and Legal Competitive Financial Internal Policy Privacy Data assurance Resource allocation Audit failures Skills shortages Failure to use big data effectively Market disruptors Unstable suppliers and partners Subscriber fraud and theft of service Social engineering (accounts info) Fines (regulatory vs SLA) Liability and insurance Standards vacuum

Zoom in! - IoT Transaction Use-case Energy Spot-market settlement Fuel currencies Micro-payments for utilities Food ordering Stored value and loyalty Pay as you go feed stock by inventory managers Automated prescription fulfillment P2P lending

Zoom in! Blockchain IoT Transaction Use-case 1 A wants to send currency, updated service information or device ownership to B 2 The transaction grouped with many other transaction occurring in the same period as a "block" 3 The block is broadcast to every verifying party in the network for agreement that double spending or false transactions are not present A 4 Those in the network approve the transaction is unique and valid 5 The block is encoded with a hash of the previous block and then can be added to the end of the former block to form a chain, which provides an indelible and transparent record of transactions 6 The money / service information or device ownership moves from A to B B

Big Threat #1 Device to Device Attacks Infected/ compromised devices attack internally and externally Infected device enters the home and attacks adjacent devices which in turn launch attacks

Big Threat #2 IoT as the Weakest Link Social engineering in the IoT Compromise of one device leads to all adjacent systems Sabotage or privacy invasions Attack on information-rich devices Fetch patches = malware Personally Identifiable Info Malware Drop Messages pushed to device manager Upgrade now for your own safety Man-in-the-Middle or compromise Cloud IoT Cloud services

Big Threat #3 Interdependency and Complexity IoT ecosystem has many stakeholders and service providers at each point in the architecture Cascading impacts almost impossible to project or monitor Assumptions will fail Gateway Network Service function owner Network provider Equipment maker Gateway owner Network owner Supply chain Gateway manager Gateway maker Supply chain 4 1 2 Network manager Cloud / DC Service tenant Platform vendor End point Device user(s) Device owner Device manager 3 Software owner Software manager Software vendor Infrastructure owner Infrastructure manage Infrastructure vendors Device maker Platform owner Supply chain Supply chain Platform manager

Case Study - 4G to 5G Security Evolution to Support IoT

4G/IoT Security Today

4G Security Solutions Today Carrier-network Focus

IoT/5G Heavy Growth Across Infrastructure

4G versus 5G requirements Energy Efficiency Wireless Spectral Efficiency Device Cost Availability / Reliability Data Rate End point Battery Life Cost per Mbps 4G (capabilities) Machine 5G (requirements) Human 5G (requirements) Mobility Latency Source: Mobile Experts LLC, Feb 2015 Device Density

IoT/4G Evolving to IoT/5G More Challenges

PARTIALLY WITH THE IOT DEVICES THEMSELVES. BUT MOSTLY WITH THE NETWORK. WHERE DO THE IOT SECURITY ANSWERS LIE?

A Cooperative Security Fabric in the Enterprise Global Intelligence Client Security Alliance Partners IoT Cloud Security Secure LAN Access Application Security Secure WLAN Access Local Intelligence Network Security

End-to-End: IoT Security Reference Model Control & Visibility END POINTS End point Gateways Network Data Center and Cloud DATA CENTER & CLOUD GATEWAYSVirtualization Security Services & Framework (Smart) (Wireless/Fixed) NETWORK Distributed Network Function Virtualization (D-NFV) Network Function Virtualization (NFV)

Evolving IoT Infrastructure

Evolving IoT Infrastructure with Security Micro-segmentation (by subscriber) Form factor: Virtual Micro-segmentation (by in-home service) Form factor: Virtual

Apply: Call to Action for IoT Risk Management IoT devices require new approaches to security Look to the network for better security Gateways, Transport networks, DC / Clouds Network virtualization brings opportunities for better security, not just operational savings Increased automation, Scalability and license management

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback