Context Accelerates IoT Discovery and RemediationStatus: Available Now
Many organizations have adopted agentless asset discovery to improve IoT security, and reports from the field are that it takes longer than expected to deploy and even longer to effectively remediate IoT device vulnerabilities. In part, this is because asset discovery alone does not provide the context that IoT devices operate in, especially when it comes to the overall application workflow and how all elements need to work together in a tightly coupled fashion.
This talk will show how application-directed discovery adds to the information uncovered in asset discovery, and how the two together dramatically accelerate the time to remediation and shrinking of the attack surface. Data examples from application-directed discovery will be provided, as well as an industrial IoT use case.
Comprehensive Cyber Hygiene of IoT Systems (2020)Status: Available Now
Security cameras are the most deployed “IoT” devices according to IT managers in a recent study by Spiceworks and Cradlepoint. Security of IoT devices is the highest concern of these IT managers. In addition, according to a recent Harvard Business Review survey of facilities managers, more than 60% of successful cyber attacks against organizations come through IoT building systems, with video surveillance the number 2 place for such attacks to be launched from. Despite the clear and urgent imperative for comprehensive cyber hygiene of physical security systems, it is not happening very quickly. There are both new processes that need to be added, and existing processes must become more automated. While many organizations are aware of the need to update firmware, they are not yet aware of other cyber hygiene capabilities like using TLS or 802.1x certificates at the device level, or having a comprehensive password management process. The learning objectives for this session will be to understand that comprehensive cyber hygiene must incorporate management of passwords, firmware, and certificates, and to best achieve that at scale.
Live Q&A - Comprehensive Cyber Hygiene of IoT Systems (2020)Status: Available Now
Live Q&A with John Gallagher following his talk titled 'Comprehensive Cyber Hygiene of IoT Systems'