I’m seeing a lot of pre-conference promotion of content from the big Internet of Things Expo out in Santa Clara in early November. One interesting presentation that is worth checking out (the slides are already online) is James Kobielus’s talk on how IT professionals should address the security challenges of IoT. Kobielus is IBM’s program director for Big Data analytics product marketing. In his presentation, he tackles the question of whether the Internet of Things is (to use his words) “too big, diverse, pervasive, and dynamic to secure comprehensively?” [Read our coverage of Internet of Things security here. ] After all, history will show that we’ve done – at best – a so-so job of securing the Internet of machines. How will adding a few zeros to the number of connected endpoints make things better? IoT will undermine even the tenuous walls we’ve built around our existing IT infrastructure: moving us to a […]
Tag: data privacy
Apple’s Platform for Wellness Arrives | Life as a Healthcare CIO
John Halamka, the CIO of Beth Israel Deaconness Medical Center in Boston has an interesting post on his blog about Apple’s big unveiling yesterday and its implications for connected health applications. With the image of naked Jennifer Lawrence still fresh in our minds, Halamka points out that Apple is taking steps to make sure no such slip-ups happen in the context of protected health information – a promising new market for wearable technology. As Halamka sees it, we’re on the cusp of revolution that will see the consumerization of what he calls “healthcare middleware.” That refers to software and services, like Apple’s recently announced HealthKit, that aggregates data about your body from multiple sensors in your clothing, your body and environment. Unlike the nude selfies that recently made the rounds online, however, health data is protected by Federal legislation – HIPAA. For that reason, Apple keeps that data local to the mobile […]
Home Depot Acknowledges Breach of Payment Systems
Almost a week after public reports named Home Depot as a possible victim of a sophisticated cyber attack, the home improvement giant has acknowledged that it was hacked. In a statement on Monday, Home Depot said that an internal investigation confirmed a “breach of our payment data systems” took place. The breach affects the company’s U.S. and Canadian stores, though not its Mexican locations or online transactions, the company said. The incident also appears to have been long-lived. Home Depot estimates that the breach dates to April, 2014. The company did not say when it was finally shut down – though that date could be as late as July. Home Depot has been investigating the incident since it was first disclosed by Brian Krebs at the blog Krebsonsecurity. Krebs was alerted to the incident after large quantities of stolen credit cards began appearing on cyber criminal forums. Sources at […]
Ahead of Apple’s Announcement: The Security Implications of Wearables | Trend Micro
The world’s attention will be focused on Apple this week and on the topic of wearables. In an event on Tuesday, the Cupertino company is planning to unveil the latest additions to its popular iPhone line along with a wearable device that most folks are just calling the ‘iWatch.’ But as Apple wrestles with the security of its growing stable of mobile devices and the cloud infrastructure that supports them, what will the impact of wearables be? Well, the folks over at Trend Micro are putting together a series of blog posts that look at that very question. Namely: the (information) security implications of wearables. It makes for some interesting reading. Among other things, Trend There are three very broad categories that we can use to describe what we are talking about. The posts, by Senior Threat Researcher David Sancho, break down the wearables space into three categories: ‘IN’ devices like sensors, ‘OUT’ […]
Report: Deep Links Connect Home Depot, Target Hacks
Security reporter Brian Krebs has an intriguing post from Sunday that suggests a link between the massive breach at Target Stores in late 2013 and the recently alleged compromise of systems at home improvement giant Home Depot. Home Depot has yet to acknowledge any theft of customer data from its computer systems. However, according to Krebs, an unnamed “source close to the Home Depot investigation” told him that an analysis of compromised computers at Home Depot revealed that some of the store’s registers were infected with a new variant of BlackPOS, a malicious software program designed to run on Windows-based point of sale (or POS) systems and steal card data when cards are swiped. BlackPOS was found on point-of-sale systems at Target last year. In March, the security firm Arbor Networks issued a report that cited BlackPOS as one of a number of point of sale system malware families that cyber criminal groups were using heavily: generating new […]
