Internet of Things

HBR: Internet Of Things Has ‘Profound’ Impact On Risk

The advent of a global network of Internet connected devices – sometimes referred to as the “Internet of Things” will bring about a “data democratization” that will upend traditional IT security models and pose considerable risks for organizations.   That’s the conclusion of two leading authorities on the so-called “Internet of Things” (IoT), Christopher J. Rezendes and W. David Stephenson, who write that its impact on businesses will be “profound,” and that cyber security will be one of the biggest challenges that organizations must address. In a guest post on the Harvard Business Review blog on Friday, Rezendes, the president of INEX Advisors, and Stephenson, an author and consultant specializing in the Internet of Things argue that  “the very principle that makes the IoT so powerful — the potential to share data instantly with everyone and everything (every authorized entity, that is) — creates a huge cybersecurity threat.” The authors predict […]

FDA: Medical Device Makers, Hospitals Need To Boost Cyber Security

The U.S. Food and Drug Administration (FDA) has issued guidance to medical device makers and hospitals that use their products to pay more attention to cyber security and the potential for cyber attacks on vulnerable medical instruments.   The FDA released its “Safety Communication for Cybersecurity for Medical Devices and Hospital Networks” on Thursday – the same day that the Department of Homeland Security’s ICS (Industrial Control System) CERT issued a warning about the discovery of hard coded “back door” passwords in some 300 medical devices from 40 separate vendors, including drug infusion pumps, ventilators and patient monitoring systems. The FDA said it expects device makers to “review their cybersecurity practices and policies to assure that appropriate safeguards are in place to prevent unauthorized access or modification to their medical devices or compromise of the security of the hospital network that may be connected to the device. Hospitals were instructed to harden […]

Wardriving Goes Corporate: Comcast Turning Residential WiFi Into ‘Millions of Hotspots’

One of the big challenges to the growth of the “Internet of Things” is access. It goes without saying that, without access to the Internet, almost all of the benefits of connected devices disappear. Your smart phone becomes a dumb phone. Your ‘net connected watch or running shoes or car scream into the void – trying desperately to connect to a network that isn’t there. Here in the U.S., that problem has typically been addressed by routing traffic through 3G or – depending on where you live – 4G wireless networks. However, access to those networks is spotty, especially in the sparsely populated Western U.S. According to a survey by the U.S. Federal Communications Commission (FCC), much of the Western U.S. is a 3G wasteland, with little or no access to broadband wireless networks. One solution is to tap the loose network of residential broadband subscribers, allowing them to peel […]

Welcoming A New Sponsor: Gemalto

Just a note to my loyal readers that The Security Ledger is welcoming a new sponsor this week: Gemalto. If you’re not familiar with them, Gemalto NV (GTO) is a ~3B firm that makes a wide range of software for e-identity documents, chip payment cards, network authentication devices and wireless modules, as well as the software to manage confidential data and secure transactions in the telecommunications, financial services, e-government, and information technology security markets. This is an especially exciting win for The Security Ledger because Gemalto, with 10,000 employees and offices in 46 countries is a key supplier to the global Internet of Things. Products like its Protiva platform provide the foundation of trust that undergirds online person-to-machine and machine-to-machine transactions and exchanges of all kinds: on mobile devices, smart cards, medical devices, automobiles and more. We’re really excited to have Gemalto on board as a Security Ledger sponsor. Please join […]

Black Hat Briefings

Missing in Action At BlackHat: The PC

Once the target of choice for hackers of all stripes, personal computers (PC) will be -at most- a side attraction at this year’s annual Black Hat Briefings show in Las Vegas, where presentations on ways to attack mobile devices and other networked “stuff” will take center stage. Just over ten percent of the scheduled talks and turbo talks at The Black Hat Briefings in early August (5 of 47)  will be devoted to attacks against what might be considered “traditional” endpoints, like end user systems and servers running Microsoft’s Windows, Apple’s Mac OSX and Linux. By contrast, more than 30% will discuss security flaws and attacks against mobile phones or other “smart” devices including wireless surveillance cameras, home automation systems and smart meters. The dearth of PC-focused talks isn’t a new trend in and of itself. As far back as 2006, talks that explicitly discussed security issues with components of Microsoft’s […]