Comprehensive Cyber Hygiene of IoT Systems
Presented by John Gallagher (2020-12-08 14:00 ET)
Security cameras are the most deployed “IoT” devices according to IT managers in a recent study by Spiceworks and Cradlepoint. Security of IoT devices is the highest concern of these IT managers. In addition, according to a recent Harvard Business Review survey of facilities managers, more than 60% of successful cyber attacks against organizations come through IoT building systems, with video surveillance the number 2 place for such attacks to be launched from. Despite the clear and urgent imperative for comprehensive cyber hygiene of physical security systems, it is not happening very quickly. There are both new processes that need to be added, and existing processes must become more automated. While many organizations are aware of the need to update firmware, they are not yet aware of other cyber hygiene capabilities like using TLS or 802.1x certificates at the device level, or having a comprehensive password management process. The learning objectives for this session will be to understand that comprehensive cyber hygiene must incorporate management of passwords, firmware, and certificates, and to best achieve that at scale.
Robust, Bare-Metal Security that works on any IoT Device
Presented by Shawn Prestridge (2020-12-08 14:30 ET)Are you looking to enable security on your IoT device but don’t really know where to start? This is the session for you! We will delve into the elements you need in an embedded design to establish security and explain why the components are necessarily. We will cover the differences between poor, “good enough”, and robust security and explain what you need to do to up your security game in your IoT device in simple, easy-to-follow steps. We will explain how to use a crypto toolbox to establish security fundamentals like: safe-and-secure boot, encrypted and authenticated communication, encrypted data storage, exploit detection/prevention, and more. Start your security journey here!
Live Q&A - Comprehensive Cyber Hygiene of IoT Systems
Presented by John Gallagher (2020-12-08 14:37 ET)Live Q&A with John Gallagher following his talk titled 'Comprehensive Cyber Hygiene of IoT Systems'
Live Q&A - Robust, Bare-Metal Security that works on any IoT Device
Presented by Shawn Prestridge (2020-12-08 15:07 ET)Live Q&A with Shawn Prestridge following his talk titled 'Robust, Bare-Metal Security that works on any IoT Device'.
IOT System Security Challenges
Presented by Subramaniam Ganesan (2020-12-09 11:30 ET)
In this presentation, IOT embedded system security, software and hardware solutions, security threat due to WiFi/ RF communication, security threats due to advanced wireless sensors, over the air software updating, data routers with cloud-based computing are presented. Need for real time protection, secure protocols for communication, role of Hardware Security Modules (HSM) in IOT are also discussed. Software algorithms, modeling and testing are presented.
Live Q&A - IOT System Security Challenges
Presented by Subramaniam Ganesan (2020-12-09 12:07 ET)Live Q&A with Subramaniam Ganesan following his talk titled 'IOT System Security Challenges'
The Journey Towards a Secure Industrial IoT Network
Presented by Vikram Sharma (2020-12-09 15:30 ET)
Protecting industrial operations against cyber threats is a very specific challenge. As industrial organizations connect more devices, enable more remote access, and build new applications, the airgap between IT and OT networks erodes and the IDMZ falls short of being sufficient.
Enhancing the security of your industrial network will not happen overnight. This session will present a phased and pragmatic approach where each phase builds the foundation for the next so that you can mature your OT security strategy at your own pace and lay the ground for a converged IT/OT security architecture.
What you will learn in this session:
- What information is needed to build an industrial network that is secure by design
- What are the key security technologies that must be deployed immediately to secure your industrial operations
- How to add OT to your existing IT security tools and what are the benefits of doing so
- How to demonstrate value to both IT and OT teams and embark all stakeholders in this journey to maximize your chances of success.