Sophos

New England IoT: A Conversation Next Week On Cloud, Security and Internet of Things

One of the challenges of talking about security in the context of Internet of Things is that the Internet of Things (IoT) isn’t a discrete technology, but an umbrella phrase that encompasses a lot of separate innovations: mobility, inexpensive sensors, wireless connectivity, Big Data and so on. One of the biggest moving parts in the IoT puzzle is cloud computing. Cloud infrastructure – whether its Amazon’s Elastic Compute Cloud (EC2) or Google or any of the thousands (millions?) of private cloud – is the back end for almost every IoT product. That presents both opportunities and real challenge for companies that are looking to leverage IoT in their workplace. Next week, I’m going to moderate a panel at an event here in Boston where we’ll tackle some of these issues head-on. The event: The Connected Cloud Summit is taking place in Boston on Thursday, September 18 at The State Room in downtown Boston. […]

heartbleed SSL image

Tripping Over Heartbleed’s Long Tail

The news about the dreadful Heartbleed OpenSSL vulnerability keeps pumping – almost a month since it first made headlines. But now that other, equally scary security news is stealing the headlines (like the nasty Internet Explorer vulnerability that was announced this week, Heartbleed is taking a back seat. So where do things stand? I think its safe to say that we’re entering a phase that might be considered Heartbleed’s ‘long tail.’ On the one hand: there’s evidence of good news. The Register reported today that data collected by the firm Qualys suggests that almost all websites that were vulnerable to Heartbleed three weeks ago are now patched and no longer vulnerable. The Register’s John Leyden quotes Ristic, the director of engineering at Qualys, putting the percent of web sites, globally, that are still vulnerable to Heartbleed at 1 percent. That’s great news – but I don’t think its the end of the story […]