Comprehensive Cyber Hygiene of IoT Systems
Security cameras are the most deployed “IoT” devices according to IT managers in a recent study by Spiceworks and Cradlepoint. Security of IoT devices is the highest concern of these IT managers. In addition, according to a recent Harvard Business Review survey of facilities managers, more than 60% of successful cyber attacks against organizations come through IoT building systems, with video surveillance the number 2 place for such attacks to be launched from. Despite the clear and urgent imperative for comprehensive cyber hygiene of physical security systems, it is not happening very quickly. There are both new processes that need to be added, and existing processes must become more automated. While many organizations are aware of the need to update firmware, they are not yet aware of other cyber hygiene capabilities like using TLS or 802.1x certificates at the device level, or having a comprehensive password management process. The learning objectives for this session will be to understand that comprehensive cyber hygiene must incorporate management of passwords, firmware, and certificates, and to best achieve that at scale.