information technology

Internet of Things Interactions

Security Needs Context in IoT| SC Magazine

SC Magazine has a worthy editorial on IoT and security by John Barco, VP of product management at the firm ForgeRock on how Internet of Things (IoT) technologies requires both security and a better understanding of what Barco calls “context.”   “It’s not just about protecting IoT devices but the entire ecosystem, from the customer to the partner, the web page, mobile device, mobile app, the cloud and everything else in between,” he writes. Organizations that do not grasp the complex interactions between static devices, mobile devices and (of course) the cloud risk leaving sensitive, regulated data or intellectual property at the mercy of malicious actors. Barco’s recommendations? More and better user authentication to support IoT use cases outside the firewall, and future-proofing your IoT deployment by eschewing proprietary platforms and technologies. To quote Barco: “open source gives IT a platform it can build on and customize, while open standards offer the flexibility to adapt to future […]

Essentials for Visibility-Driven Security

Visibility is surprisingly tricky. The security industry offers many disparate tools to provide customers “visibility” into what is happening on their networks. Among them are tools that track what applications are on the network, tools for enumerating and tracking software vulnerabilities, tools for determining when sensitive data has left a network, tools that indicate when attacks are underway and tools that identify and analyze network data flows – to name just a few. Of course, layered on top of all this “visibility” are further systems that correlate and analyze what the mission-specific tools are seeing. Promises of a “single pane of glass” aside, the result is often a mishmash of data and events that require skilled security practitioners to analyze and interpret. The mishmash, in turn, leads to errors in analysis and prioritization. Albert Einstein famously said  “Any fool can know. The point is to understand.” So it is in the information security industry, where a common refrain is “you can’t protect […]

The IoT Comes To Chicago: IoT World Forum

The Internet of Things is increasingly an industry unto itself, with the conferences to prove it. And “no,” I’m not just talking about The Security of Things Forum – Security Ledger’s own IoT and security show. (Videos from our first annual show are now available, by the way. Register to view them here.) No: there are forums and symposiums focused on all different aspects of IoT: smart cities, design, wearables, and so on. There’s O’Reilly’s Solid, GigaOm Structure and any number of smaller, regional events. I’m at one of the more prominent IoT shows this week: The Internet of Things World Forum (IoTWF), which is sponsored by Cisco Systems. I’m moderating a really interesting panel that addresses a critical issue: the ways in with information technology (IT), operations technology (OT) and consumer technology (CT) converge in the IoT. These are three areas that, until recently, were separate. But a variety of developments […]