identity management

Cisco Eyes Security Services For Connected Cars

Connected vehicles are a big new area of investment. We saw evidence of that at the recent Consumer Electronics Show (CES) and we’re  hearing a lot more about it this week, as carmakers strut their stuff at the North American International Auto Show.   Security isn’t generally part of the conversation, but as we’ve noted here on more than one occasion: connected vehicles introduce a myriad of challenging security problems, from authentication to communications and system integrity, not to mention data privacy. [Read more Security Ledger coverage of connected vehicles here.] Now networking giant Cisco says that it sees a role for its technology in protecting vehicle area networks (VANs), just as the company’s networking equipment enabled and protected local and wide area networks (LANs and WANs) over the last two decades. In a blog post, Cisco said it is rolling out “a range of products and services” that it […]

Continue Reading

CES: The Security Questions Nobody Wants You To Ask

A note that CES – the Consumer Electronics Show – is once again upon us. Prepare yourself for three or four days of tipsy reporting from the mainstream media about all the gee whiz gadgets that will soon be yours…or not. Let’s face it: a lot of what’s shown at CES is proof of concept stuff and some of it is just too downright silly to ever catch on. Remember HAPIFork? The “smart” fork that would warn you when you were shoveling grub into your maw too quickly? Right. Product security and data privacy are almost always lost in the excitement over the new gadgets and the TUSs. (Televisions of Unusual Size? I don’t think they exist!) That’s why, over on the Veracode blog, I put together a quick list of impertinent questions that every security-minded CES attendee should have at their fingertips. The questions cover a wide range of […]

Continue Reading

Prediction: Rough Road Ahead in 2014 For Security and Internet of Things

With the New Year fast approaching, it’s (unofficially) ‘prediction season,’ when everyone worth their salt stares into the crystal ball and tries to imagine what the world will look like 12 months hence. To sort through our 2014 predictions, we called on Mark Stanislav, the chief Security Evangelist at Duo Security. Mark is a seasoned security researcher who has taken an interest in the security of the Internet of Things. Earlier this year, we wrote about research Mark did on the IZON Camera, an IP-enabled home surveillance camera that is sold by big-box retail stores like Best Buy, as well as by the Apple Store. Beneath the IZON’s polished exterior, the IZON was a mess of sloppy coding and poor security implementation, Stanislav discovered. Like many IoT devices, IZON cameras punted security to those responsible for the wireless network that it was deployed on – essentially trusting any connection from […]

Continue Reading

Experts: ‘Infinite’ Attack Surface of IoT Demands New Approach

If the growth of the Internet of Things has been a curiosity to enterprises and the IT security industry that serves them, it won’t stay that way for long, experts warned at a gathering in San Francisco. The rapid adoption of Internet of Things (IoT) technology is poised to transform the IT industry, vastly expanding the opportunities for cyber attacks against a much wider range of targets: from implantable medical devices to manufacturing plants to automobiles, according to participants in a panel discussion on “Shaping The Internet of Things” at The Amphion Forum event in San Francisco. While media attention on The Internet of Things has focused on products like the Nest Thermostat and connected automobiles, the IoT encompasses an almost limitless population of devices – many far more mundane, said Ralph Broom a Principal Engineer at the firm Noblis, and one of three panel members. The Internet of Things, in […]

Continue Reading

Obama Administration: Speak Up On Trusted ID Plans!

The Obama Administration is throwing its weight behind two federal efforts to increase the use of so-called “trusted identities” online as a way to combat consumer fraud and threats to critical infrastructure. Writing on the White House blog on Monday, Michael Daniel, the Obama Administration’s cyber security coordinator said that the current system for managing online identities (user IDs and passwords) is “hopelessly broken,” and that the stakes are getting ever higher for breaches. “While today it might be a social media website, tomorrow it could be your bank, health services providers, or even public utilities,” he wrote. Daniel said two federal initiatives aim to tip the scales in the direction of stronger and more secure online identities, but that more public engagement is needed to ensure that what is produced by those projects gets adopted. Specifically: Daniel highlighted two NIST-led efforts: the National Strategy for Trusted Identities in Cyberspace (NSTIC), […]

Continue Reading
1 9 10 11 12