SlideShare a Scribd company logo

Challenges in the Internet of Things – Standards and Security

PECB
PECB

The webinar will cover Internet of Things, outline the various types of IoT devices and environments, cover some examples of IoT based cyberattacks, and cover the various current standards and frameworks available to help guide security in this space. Main points covered: • Definition of IoT • Sample use cases for IoT • Risks around IoT • Standards/frameworks for IoT • Security options for IoT Presenter: Our presenter for this webinar is Anthony English, who has worked in IT and Information Security for more than 25 years and in the healthcare, law enforcement, IT consulting, lottery and gaming and education sectors. From managing a global information security program to implementing structured 27001 and 27032 programs, he has covered the broad range of applied security. Link to the recorded webinar:

Education
1 of 28
IoT – what is it? Protect Revenue, Assist Governance and Ensure Business Continuity
IoT – what is it? Protect Revenue, Assist Governance and Ensure Business Continuity Endpoint Devices • Cars, farm resources, medical devices, smart TV’s, etc. • Buildings, Infrastructure, Utilities (typically SCADA) Gateways • Short range communication devices such as routers using 802.x, Bluetooth, etc. • Link from end devices to external networks Telecomms / Internet links • Cellular, Fiber, Dedicated links, etc. • Link gateways to the service level Service Level • End user, Big Data, Automation, etc.
IoT – Where is it?
IoT – Medical Protect Revenue, Assist Governance and Ensure Business Continuity Wireless Implantable Medical Devices: • Cochlear implants • Pacemakers • Insulin Pumps • Gastric Stimulators, etc. Medical Devices/Tools/Networks: • CAT Scan Machines • Bedside Data Systems • Portable ICU units, etc.
IoT – End user: Automotive Protect Revenue, Assist Governance and Ensure Business Continuity
IoT – Smart Cities Protect Revenue, Assist Governance and Ensure Business Continuity Smart Cities People Management, etc. Environmental, power grid, etc., Monitoring Traffic & parking Management
IoT – Food Supply Protect Revenue, Assist Governance and Ensure Business Continuity Preparation Transit Shelf Life Pick and Prep Pack Transport Distribute Consumers
IoT – Utilities Protect Revenue, Assist Governance and Ensure Business Continuity Power Distribution Building/Co mmercial IndustrialHome Use Multi- Tenant Bldg.
IoT – Manufacturing Protect Revenue, Assist Governance and Ensure Business Continuity *Source: Verizon
IoT – At Home Protect Revenue, Assist Governance and Ensure Business Continuity
IoT Internals
IoT – What is the Operating System? Protect Revenue, Assist Governance and Ensure Business Continuity
IoT Devices – What else is unique? Protect Revenue, Assist Governance and Ensure Business Continuity
IoT Risks
IoT – So why worry? Protect Revenue, Assist Governance and Ensure Business Continuity
IoT – So why worry? Protect Revenue, Assist Governance and Ensure Business Continuity
IoT Protocols and Frameworks
IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity The following is a list of some of the protocols used by IoT: 1) Infrastructure – RPL, IPv4/IPv6, 6LowPAN 2) Identification – EPC, URIs, IPv6 3) Comms/Transport – Bluetooth, LPWAN, WiFi 4) Discovery – DNS-SD, mDNS 5) Data Protocols – Websocket, AMQP, CoAP, MQTT 6) Device Management – OMA_DM, TR-069 7) Semantic – JSON-LD 8) Multi-layer Frameworks – Weave, Homekit, IoTivity
IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity
IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity
IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity
IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity
IoT – What else can be done? Protect Revenue, Assist Governance and Ensure Business Continuity
IoT – Blockchain as a Protective Measure Protect Revenue, Assist Governance and Ensure Business Continuity BlockChain Network IoT Transaction Node (Including Miner) IoT Transaction Node IoT Transaction Node IoT Transaction Node (Incuding Miner)
BlockChainClients IoT – Blockchain as a Protective Measure Protect Revenue, Assist Governance and Ensure Business Continuity IoT Transaction Node IoT Transaction Node IoT Transaction Node IoT Transaction Node (Incuding Miner) Blockchain Service
ISO/IEC 27032 Training Courses • ISO/IEC 27001 Introduction 1 Day Course • ISO/IEC 27001 Foundation 2 Days Course • ISO/IEC 27001 Lead Implementer 5 Days Course • ISO/IEC 27001 Lead Auditor 5 Days Course Exam and certification fees are included in the training price. https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 www.pecb.com/events
THANK YOU ? anthony.english@marinerinnovations.com www.marinerinnovations.com linkedin.com/in/tony-english-7b6174112

Recommended

IoT for Healthcare
IoT for HealthcareIoT for Healthcare
IoT for HealthcareSenZations Summer School
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
IoT Healthcare
IoT HealthcareIoT Healthcare
IoT Healthcareneha kumari
 
Bluetooh Technology
Bluetooh TechnologyBluetooh Technology
Bluetooh Technologypariluv
 
5G IoT Use Cases
5G IoT Use Cases5G IoT Use Cases
5G IoT Use CasesTakayuki Yamazaki
 
IoT on Medical System
IoT on Medical SystemIoT on Medical System
IoT on Medical SystemAad Eez
 
Internet of everything ppt
Internet of everything pptInternet of everything ppt
Internet of everything pptLavanya Sharma
 
Internet of things startup basic
Internet of things startup basicInternet of things startup basic
Internet of things startup basicMathan kumar
 

Recommended

IoT for Healthcare
IoT for HealthcareIoT for Healthcare
IoT for HealthcareSenZations Summer School
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
IoT Healthcare
IoT HealthcareIoT Healthcare
IoT Healthcareneha kumari
 
Bluetooh Technology
Bluetooh TechnologyBluetooh Technology
Bluetooh Technologypariluv
 
5G IoT Use Cases
5G IoT Use Cases5G IoT Use Cases
5G IoT Use CasesTakayuki Yamazaki
 
IoT on Medical System
IoT on Medical SystemIoT on Medical System
IoT on Medical SystemAad Eez
 
Internet of everything ppt
Internet of everything pptInternet of everything ppt
Internet of everything pptLavanya Sharma
 
Internet of things startup basic
Internet of things startup basicInternet of things startup basic
Internet of things startup basicMathan kumar
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoTSKS
 
IoT in healthcare
IoT in healthcareIoT in healthcare
IoT in healthcareNikhil Neema
 
IoT(Internet of Things) Report
IoT(Internet of Things) ReportIoT(Internet of Things) Report
IoT(Internet of Things) ReportHitesh Kumar Singh
 
Smart health monitoring system
Smart health monitoring systemSmart health monitoring system
Smart health monitoring systemMrittunjoy Das
 
IoT security
IoT securityIoT security
IoT securityYashKesharwani2
 
The internet of things for health care a comprehensive survey
The internet of things for health care a comprehensive surveyThe internet of things for health care a comprehensive survey
The internet of things for health care a comprehensive surveyredpel dot com
 
IoT advatage and disadvantage
IoT advatage and disadvantageIoT advatage and disadvantage
IoT advatage and disadvantageRubel Biswas
 
An introduction to M2M / IoT technologies
An introduction to M2M / IoT technologiesAn introduction to M2M / IoT technologies
An introduction to M2M / IoT technologiesPascal Bodin
 
Iot and cloud computing
Iot and cloud computingIot and cloud computing
Iot and cloud computingeteshagarwal1
 
IoT with 5G-Network
IoT with 5G-NetworkIoT with 5G-Network
IoT with 5G-NetworkBelal Ashraf
 
Industrial IoT and OT/IT Convergence
Industrial IoT and OT/IT ConvergenceIndustrial IoT and OT/IT Convergence
Industrial IoT and OT/IT ConvergenceMichelle Holley
 
5g wireless technology
5g wireless technology 5g wireless technology
5g wireless technology Sudhanshu Jha
 
Connected Medical Devices in the Internet of Things
Connected Medical Devices in the Internet of ThingsConnected Medical Devices in the Internet of Things
Connected Medical Devices in the Internet of ThingsReal-Time Innovations (RTI)
 
Lecture 1 - Introduction to IoT
Lecture 1 - Introduction to IoTLecture 1 - Introduction to IoT
Lecture 1 - Introduction to IoTAlexandru Radovici
 
6 g technology-two
6 g technology-two6 g technology-two
6 g technology-twosusmitabiswal2
 
M2M Communication
M2M CommunicationM2M Communication
M2M CommunicationFabMinds
 
Iot based health monitoring system
Iot based health monitoring systemIot based health monitoring system
Iot based health monitoring systemShaswataMohanta
 
Iot - Internet of Things
Iot - Internet of ThingsIot - Internet of Things
Iot - Internet of ThingsKIET Group of Institutions, Ghaziabad
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSomasundaram Jambunathan
 
Internet of Things (IoT) - IK
Internet of Things (IoT) - IKInternet of Things (IoT) - IK
Internet of Things (IoT) - IKIlgın Kavaklıoğulları
 
Automatski - Remote Patient Management Solution
Automatski - Remote Patient Management SolutionAutomatski - Remote Patient Management Solution
Automatski - Remote Patient Management Solutionautomatskicorporation
 
SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSukumar Nayak
 

More Related Content

What's hot

Security in IoT
Security in IoTSecurity in IoT
Security in IoTSKS
 
IoT(Internet of Things) Report
IoT(Internet of Things) ReportIoT(Internet of Things) Report
IoT(Internet of Things) ReportHitesh Kumar Singh
 
Smart health monitoring system
Smart health monitoring systemSmart health monitoring system
Smart health monitoring systemMrittunjoy Das
 
The internet of things for health care a comprehensive survey
The internet of things for health care a comprehensive surveyThe internet of things for health care a comprehensive survey
The internet of things for health care a comprehensive surveyredpel dot com
 
IoT advatage and disadvantage
IoT advatage and disadvantageIoT advatage and disadvantage
IoT advatage and disadvantageRubel Biswas
 
An introduction to M2M / IoT technologies
An introduction to M2M / IoT technologiesAn introduction to M2M / IoT technologies
An introduction to M2M / IoT technologiesPascal Bodin
 
Iot and cloud computing
Iot and cloud computingIot and cloud computing
Iot and cloud computingeteshagarwal1
 
IoT with 5G-Network
IoT with 5G-NetworkIoT with 5G-Network
IoT with 5G-NetworkBelal Ashraf
 
Industrial IoT and OT/IT Convergence
Industrial IoT and OT/IT ConvergenceIndustrial IoT and OT/IT Convergence
Industrial IoT and OT/IT ConvergenceMichelle Holley
 
5g wireless technology
5g wireless technology 5g wireless technology
5g wireless technology Sudhanshu Jha
 
Connected Medical Devices in the Internet of Things
Connected Medical Devices in the Internet of ThingsConnected Medical Devices in the Internet of Things
Connected Medical Devices in the Internet of ThingsReal-Time Innovations (RTI)
 
Lecture 1 - Introduction to IoT
Lecture 1 - Introduction to IoTLecture 1 - Introduction to IoT
Lecture 1 - Introduction to IoTAlexandru Radovici
 
M2M Communication
M2M CommunicationM2M Communication
M2M CommunicationFabMinds
 
Iot based health monitoring system
Iot based health monitoring systemIot based health monitoring system
Iot based health monitoring systemShaswataMohanta
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSomasundaram Jambunathan
 

What's hot (20)

Security in IoT
Security in IoTSecurity in IoT
Security in IoT
 
IoT in healthcare
IoT in healthcareIoT in healthcare
IoT in healthcare
 
IoT(Internet of Things) Report
IoT(Internet of Things) ReportIoT(Internet of Things) Report
IoT(Internet of Things) Report
 
Smart health monitoring system
Smart health monitoring systemSmart health monitoring system
Smart health monitoring system
 
IoT security
IoT securityIoT security
IoT security
 
The internet of things for health care a comprehensive survey
The internet of things for health care a comprehensive surveyThe internet of things for health care a comprehensive survey
The internet of things for health care a comprehensive survey
 
IoT advatage and disadvantage
IoT advatage and disadvantageIoT advatage and disadvantage
IoT advatage and disadvantage
 
An introduction to M2M / IoT technologies
An introduction to M2M / IoT technologiesAn introduction to M2M / IoT technologies
An introduction to M2M / IoT technologies
 
Iot and cloud computing
Iot and cloud computingIot and cloud computing
Iot and cloud computing
 
IoT with 5G-Network
IoT with 5G-NetworkIoT with 5G-Network
IoT with 5G-Network
 
Industrial IoT and OT/IT Convergence
Industrial IoT and OT/IT ConvergenceIndustrial IoT and OT/IT Convergence
Industrial IoT and OT/IT Convergence
 
5g wireless technology
5g wireless technology 5g wireless technology
5g wireless technology
 
Connected Medical Devices in the Internet of Things
Connected Medical Devices in the Internet of ThingsConnected Medical Devices in the Internet of Things
Connected Medical Devices in the Internet of Things
 
Lecture 1 - Introduction to IoT
Lecture 1 - Introduction to IoTLecture 1 - Introduction to IoT
Lecture 1 - Introduction to IoT
 
6 g technology-two
6 g technology-two6 g technology-two
6 g technology-two
 
M2M Communication
M2M CommunicationM2M Communication
M2M Communication
 
Iot based health monitoring system
Iot based health monitoring systemIot based health monitoring system
Iot based health monitoring system
 
Iot - Internet of Things
Iot - Internet of ThingsIot - Internet of Things
Iot - Internet of Things
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of Things
 
Internet of Things (IoT) - IK
Internet of Things (IoT) - IKInternet of Things (IoT) - IK
Internet of Things (IoT) - IK
 

Similar to Challenges in the Internet of Things – Standards and Security

Automatski - Remote Patient Management Solution
Automatski - Remote Patient Management SolutionAutomatski - Remote Patient Management Solution
Automatski - Remote Patient Management Solutionautomatskicorporation
 
SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSukumar Nayak
 
IoT spending to surpass $800 billion in 2017, led by hardware
IoT spending to surpass $800 billion in 2017, led by hardwareIoT spending to surpass $800 billion in 2017, led by hardware
IoT spending to surpass $800 billion in 2017, led by hardwarepaul young cpa, cga
 
IOT - internet of Things - August 2017
IOT - internet of Things - August 2017IOT - internet of Things - August 2017
IOT - internet of Things - August 2017paul young cpa, cga
 
Internet of Things Stack - Presentation Version
Internet of Things Stack - Presentation VersionInternet of Things Stack - Presentation Version
Internet of Things Stack - Presentation VersionPostscapes
 
Iot Solution Development Platform
Iot Solution Development PlatformIot Solution Development Platform
Iot Solution Development PlatformUnmesh Ballal
 
IOT - Internet of Things - September 2017
IOT - Internet of Things - September 2017IOT - Internet of Things - September 2017
IOT - Internet of Things - September 2017paul young cpa, cga
 
Internet of Things- Remote Desktop & Wireless Hibernation
Internet of Things- Remote Desktop & Wireless HibernationInternet of Things- Remote Desktop & Wireless Hibernation
Internet of Things- Remote Desktop & Wireless HibernationIRJET Journal
 
Internet of Things Stack
Internet of Things StackInternet of Things Stack
Internet of Things StackPostscapes
 
IT to IOT Evolution
IT to IOT EvolutionIT to IOT Evolution
IT to IOT EvolutionJayakumar PP
 
The Internet of Things - Solutions to Drive Business Transformation
The Internet of Things - Solutions to Drive Business TransformationThe Internet of Things - Solutions to Drive Business Transformation
The Internet of Things - Solutions to Drive Business TransformationRed Hat India Pvt. Ltd.
 
Leveraging compute power at the edge - M2M solutions with Informix in the IoT...
Leveraging compute power at the edge - M2M solutions with Informix in the IoT...Leveraging compute power at the edge - M2M solutions with Informix in the IoT...
Leveraging compute power at the edge - M2M solutions with Informix in the IoT...IBM_Info_Management
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET Journal
 
IOT Success depends on Integration
IOT Success depends on Integration IOT Success depends on Integration
IOT Success depends on Integration John Mathon
 
Internet of Things Based Central Monitoring System for ATM’s
Internet of Things Based Central Monitoring System for ATM’sInternet of Things Based Central Monitoring System for ATM’s
Internet of Things Based Central Monitoring System for ATM’sIRJET Journal
 

Similar to Challenges in the Internet of Things – Standards and Security (20)

Automatski - Remote Patient Management Solution
Automatski - Remote Patient Management SolutionAutomatski - Remote Patient Management Solution
Automatski - Remote Patient Management Solution
 
SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoT
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
IoT spending to surpass $800 billion in 2017, led by hardware
IoT spending to surpass $800 billion in 2017, led by hardwareIoT spending to surpass $800 billion in 2017, led by hardware
IoT spending to surpass $800 billion in 2017, led by hardware
 
IOT - internet of Things - August 2017
IOT - internet of Things - August 2017IOT - internet of Things - August 2017
IOT - internet of Things - August 2017
 
Internet of Things Stack - Presentation Version
Internet of Things Stack - Presentation VersionInternet of Things Stack - Presentation Version
Internet of Things Stack - Presentation Version
 
Iot Solution Development Platform
Iot Solution Development PlatformIot Solution Development Platform
Iot Solution Development Platform
 
IOT - Internet of Things - September 2017
IOT - Internet of Things - September 2017IOT - Internet of Things - September 2017
IOT - Internet of Things - September 2017
 
Internet of Things- Remote Desktop & Wireless Hibernation
Internet of Things- Remote Desktop & Wireless HibernationInternet of Things- Remote Desktop & Wireless Hibernation
Internet of Things- Remote Desktop & Wireless Hibernation
 
Internet of Things Stack
Internet of Things StackInternet of Things Stack
Internet of Things Stack
 
IT to IOT Evolution
IT to IOT EvolutionIT to IOT Evolution
IT to IOT Evolution
 
IoT_Unit-1.pptx
IoT_Unit-1.pptxIoT_Unit-1.pptx
IoT_Unit-1.pptx
 
The Internet of Things - Solutions to Drive Business Transformation
The Internet of Things - Solutions to Drive Business TransformationThe Internet of Things - Solutions to Drive Business Transformation
The Internet of Things - Solutions to Drive Business Transformation
 
Leveraging compute power at the edge - M2M solutions with Informix in the IoT...
Leveraging compute power at the edge - M2M solutions with Informix in the IoT...Leveraging compute power at the edge - M2M solutions with Informix in the IoT...
Leveraging compute power at the edge - M2M solutions with Informix in the IoT...
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
IoT - Introduction
IoT - IntroductionIoT - Introduction
IoT - Introduction
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
 
IOT Success depends on Integration
IOT Success depends on Integration IOT Success depends on Integration
IOT Success depends on Integration
 
Internet of Things Based Central Monitoring System for ATM’s
Internet of Things Based Central Monitoring System for ATM’sInternet of Things Based Central Monitoring System for ATM’s
Internet of Things Based Central Monitoring System for ATM’s
 

More from PECB

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityDORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityPECB
 
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernanceSecuring the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernancePECB
 
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...PECB
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...PECB
 
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyPECB
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...PECB
 
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationPECB
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsPECB
 
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?PECB
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...PECB
 
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...PECB
 
Student Information Session University KTMC
Student Information Session University KTMC Student Information Session University KTMC
Student Information Session University KTMC PECB
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...PECB
 
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...PECB
 
Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA PECB
 
IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?PECB
 
Information Session University Egybyte.pptx
Information Session University Egybyte.pptxInformation Session University Egybyte.pptx
Information Session University Egybyte.pptxPECB
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxPECB
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 

More from PECB (20)

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityDORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
 
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernanceSecuring the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
 
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
 
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
 
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
 
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
 
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
 
Student Information Session University KTMC
Student Information Session University KTMC Student Information Session University KTMC
Student Information Session University KTMC
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
 
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
 
Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA
 
IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?
 
Information Session University Egybyte.pptx
Information Session University Egybyte.pptxInformation Session University Egybyte.pptx
Information Session University Egybyte.pptx
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptx
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 

Recently uploaded

Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 

Recently uploaded (20)

Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 

Challenges in the Internet of Things – Standards and Security

  • 1.
  • 2. IoT – what is it? Protect Revenue, Assist Governance and Ensure Business Continuity
  • 3. IoT – what is it? Protect Revenue, Assist Governance and Ensure Business Continuity Endpoint Devices • Cars, farm resources, medical devices, smart TV’s, etc. • Buildings, Infrastructure, Utilities (typically SCADA) Gateways • Short range communication devices such as routers using 802.x, Bluetooth, etc. • Link from end devices to external networks Telecomms / Internet links • Cellular, Fiber, Dedicated links, etc. • Link gateways to the service level Service Level • End user, Big Data, Automation, etc.
  • 4. IoT – Where is it?
  • 5. IoT – Medical Protect Revenue, Assist Governance and Ensure Business Continuity Wireless Implantable Medical Devices: • Cochlear implants • Pacemakers • Insulin Pumps • Gastric Stimulators, etc. Medical Devices/Tools/Networks: • CAT Scan Machines • Bedside Data Systems • Portable ICU units, etc.
  • 6. IoT – End user: Automotive Protect Revenue, Assist Governance and Ensure Business Continuity
  • 7. IoT – Smart Cities Protect Revenue, Assist Governance and Ensure Business Continuity Smart Cities People Management, etc. Environmental, power grid, etc., Monitoring Traffic & parking Management
  • 8. IoT – Food Supply Protect Revenue, Assist Governance and Ensure Business Continuity Preparation Transit Shelf Life Pick and Prep Pack Transport Distribute Consumers
  • 9. IoT – Utilities Protect Revenue, Assist Governance and Ensure Business Continuity Power Distribution Building/Co mmercial IndustrialHome Use Multi- Tenant Bldg.
  • 10. IoT – Manufacturing Protect Revenue, Assist Governance and Ensure Business Continuity *Source: Verizon
  • 11. IoT – At Home Protect Revenue, Assist Governance and Ensure Business Continuity
  • 13. IoT – What is the Operating System? Protect Revenue, Assist Governance and Ensure Business Continuity
  • 14. IoT Devices – What else is unique? Protect Revenue, Assist Governance and Ensure Business Continuity
  • 16. IoT – So why worry? Protect Revenue, Assist Governance and Ensure Business Continuity
  • 17. IoT – So why worry? Protect Revenue, Assist Governance and Ensure Business Continuity
  • 19. IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity The following is a list of some of the protocols used by IoT: 1) Infrastructure – RPL, IPv4/IPv6, 6LowPAN 2) Identification – EPC, URIs, IPv6 3) Comms/Transport – Bluetooth, LPWAN, WiFi 4) Discovery – DNS-SD, mDNS 5) Data Protocols – Websocket, AMQP, CoAP, MQTT 6) Device Management – OMA_DM, TR-069 7) Semantic – JSON-LD 8) Multi-layer Frameworks – Weave, Homekit, IoTivity
  • 20. IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity
  • 21. IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity
  • 22. IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity
  • 23. IoT – Protocols and Frameworks Protect Revenue, Assist Governance and Ensure Business Continuity
  • 24. IoT – What else can be done? Protect Revenue, Assist Governance and Ensure Business Continuity
  • 25. IoT – Blockchain as a Protective Measure Protect Revenue, Assist Governance and Ensure Business Continuity BlockChain Network IoT Transaction Node (Including Miner) IoT Transaction Node IoT Transaction Node IoT Transaction Node (Incuding Miner)
  • 26. BlockChainClients IoT – Blockchain as a Protective Measure Protect Revenue, Assist Governance and Ensure Business Continuity IoT Transaction Node IoT Transaction Node IoT Transaction Node IoT Transaction Node (Incuding Miner) Blockchain Service
  • 27. ISO/IEC 27032 Training Courses • ISO/IEC 27001 Introduction 1 Day Course • ISO/IEC 27001 Foundation 2 Days Course • ISO/IEC 27001 Lead Implementer 5 Days Course • ISO/IEC 27001 Lead Auditor 5 Days Course Exam and certification fees are included in the training price. https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001 www.pecb.com/events

Editor's Notes

  1. IoT is pervasive to say the least. Today, the number and types of devices that include a WiFi or Bluetooth connection and that enable other devices to connect to them via these methods in order to transmit or receive (or both) data increases every day. Home thermostats and security system, appliances such as refrigerators, medical devices from implants to home care devices and hospital devices such as MRI machines, personal wearable devices such as fitness trackers, smart TV’s and other entertainment devices, printers, automobiles, and more. The great things about technology and its evolution is how we can now connect with all of the very different devices… this is also a bit of a problem….
  2. IoT has proven to be very useful for supporting automation and remote data gathering and process management. So much so that new human impactful disciplines have evolved and others have been enhanced; these bring technology directly into contact with human needs such as food crop management, supply chain logistics, smart cities, and more.
  3. The medical community has been moving to wireless capable devices for some time now since it enables better medicine. Previously difficult to manage implanted devices, for example, can now be managed via a wireless link. A specific example is pacemakers: they can now be checked and even tuned with a wireless connection whenever a patient requires it. Hospital devices such as MRI units can also be managed and even controlled remotely. A nurse at her station in the hospital can, for example, monitor medical status sensing devices hooked up to a patient from her hospital iPad.
  4. In addition to IoT assisting automation on the production line, it is hard to get into a car these days that does not have technology built into it on some level. Whether it is obvious dashboard touchscreens with bluetooth connectivity, a computer controlled engine and drive train, or an app on your smartphone to remotely start your car or see how far along your electric car charge is.
  5. Municipalities are always looking to maximize their annual budgets and IoT is seen as a way to help with this as well as help to manage people, places and things.
  6. Food supply chain is an evolving area of application for IoT and is helping with key areas of food supply management such as food grading and preparation, food transport, and food waste reduction overall.
  7. Utilities are embracing IoT and its capabilities although a more specialized approach called the Supervisory Control and Data Acquisition (SCADA) is the preferred method of automating power grid systems. Devices such as Smart Meters, building HVAC systems and others can all be considered part of IoT.
  8. IoT is used in manufacturing to further automate the production of goods. Examples include everything from tracking robots assembling automobiles to autonomous forklifts moving product in warehouses.
  9. IoT is also in a lot of homes these days – from alarm systems and thermostats to wearable tech such as Fitbits. And all of this can be monitored and managed from a smart phone.
  10. The footprint of the IoT operating system must be small because it is being deployed on devices with limited processing and storage capabilities typically. Microsoft Windows IoT was formerly known as Windows Embedded. Google is trying to address security weaknesses in IoT with its Brillo OS. Contiki is an open source OS for IoT. This is just a sample of the number of OS’s that are out there for IoT….
  11. Because IoT enabled devices are available in many forms and formats and because they are distributed across the spectrum of users from corporations to at home consumers, and because there are a number of operating systems and even unique hardware platforms (such as Raspberry Pi) on which to run small footprint OS’ that can connect to an IoT, the security challenges are many and security remains a moving target in IoT.
  12. So what’s the problem? A botnet which uses IoT devices (DVR recorders, etc.) called “Reaper” is currently estimated at 28,000 devices worldwide but experts warn it could grow at any time due to the fact that it uses IoT devices; this is a follow on to the Mirai IoT botnet. A similar type of botnet was used a little over a year ago to bring down Internet connections across the East Coast of North America. The US Department of Homeland Security issued a special bulletin in October of 2017 advising of the risks of IoT device exploits.
  13. Because IoT is becoming pervasive at an accelerated rate, IoT connected and sometimes, for example, even medically critical devices such as pacemakers became vulnerable very quickly. With a large number of OS’ out there for IoT devices to use, it is no wonder that there are security weaknesses in this realm.
  14. Do these look familiar? Some should but others may not and this is not even an exhaustive list of protocols used by IoT networks and devices. The protocol structure is not even really well matched to the OSI Reference Model that is used in computer networking. For frameworks (the last bullet above), there are some open source frameworks available.
  15. And, of course, OWASP is hot on the IoT security testing and secure design highway.
  16. The ISO (or IOS) is building out a set of IoT standards as well.
  17. And NIST has looked at its previous guidance documents and noted which of those are applicable to IoT and then also augmented their library with additional IoT documentation.
  18. The Center for Internet Security (CIS) has released guidance for securing IoT. CIS produces some of my favourite practical hardening guidance for technology.
  19. Because IoT crosses many domains and is not unique to any one user or technology demographic, protecting against improper use or exploitation is a multi-faceted effort. Ensuring your devices and network are properly protected is a good start: up to date anti-malware; ensuring your network perimeter is properly protected with DMZ’s/up to date access point and router software/properly configured firewalls and routers with no default password or settings; ensure you keep yourself and your co-workers trained on security and its threats; ensuring your IoT enabled devices/systems are kept up to date as well. Products like smart firewalls can protect your entire home network with anti-malware, network scanning, and safe site filtering.
  20. Each device in this diagram hosts the ledger and can participate in blockchain transactions including mining. Each ahs a private key or can generate one in order to participate in network transactions. This results in: a network of autonomous IoT devices, a ledger of transactions wherein any IoT device can create a transaction via cryptographic features and a distributed database wherein all IoT devices have an up to date version of the ledger. This model is not really possible today due to the overhead required on each IoT device.
  21. In this model a cloud based blockchain service contains transaction and mining nodes and these are also on premise at the client endbut API queries are used form the client end to the blockchain service in the cloud. No ledger would be stored at the client end.