IERC Conference 2015
Paul Malone 13th May 2015
12/05/2015	
   www.tssg.org	
  
The internet of energy things
will deliver a secure, cheap and
sustainable energy future
  
The internet of energy things
will deliver a secure?, cheap and
sustainable energy future
  
•  Increased attack surface
•  Difficulty of patching devices
•  Lack of data governance frameworks
  
Increased attack surface
  
Source: Cisco

2014 Verizon Data Breach Investigations Report
  
  
Source: Verizon

The OWASP Internet of Things Top 10
  
1.  Insecure Web Interface
2.  Insufficient Authentication/Authorization
3.  Insecure Network Services
4.  Lack of Transport Encryption
5.  Privacy Concerns
6.  Insecure Cloud Interface
7.  Insecure Mobile Interface
8.  Insufficient Security Configurability
9.  Insecure Software/Firmware
10. Poor Physical Security
https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project
  
Difficulty of patching devices
  
HP Report 2014
  
“70 percent of the most commonly used Internet of
Things (IoT) devices contain vulnerabilities,
including password security, encryption and general
lack of granular user access permissions.”
“IoT devices averaged 25 vulnerabilities per
product, indicating expanding attack surface for
adversaries”
  
“The challenge is, you see all of these devices coming
online at a rapid clip, without robust security. … Trying to
apply a patch to a thermostat in the home is going to be
much more challenging.”
- Gary Davis, Intel Security
  
Foscam Baby Monitor
  
•  Multiple vulnerabilities
•  100,000 cameras in the wild (easy to find)
•  20% default user “admin” no password
•  Vendor generated a patch (for some of the
vulnerabilities)
•  99% of cameras still ran the older firmware
  
Lack of agreed Data
Governance Frameworks
  
•  Huge amounts of data
•  Regulatory and compliance complexities
•  Assurances with regard to PII
–  Where is my data?
–  Who has access?
•  What assurances does the consumer have?
–  How is my data being used?
•  What is the value to me?
•  What is the value to 3rd parties?
  
What about Surveillance?
“If privacy and confidentiality isn’t designed in up front, on
top of the security capabilities provided by the enabling
M2M infrastructure (including authentication, access
control, data protection), the benefits of the IoT cannot be
fully realized.”
- Tim Carey, Alcatel Lucent
  
The internet of energy things
will deliver a secure, cheap and
sustainable energy future
  
The internet of energy things
will deliver a secure, cheap and
sustainable energy future
can
  
But only if security is
addressed first!
“You cannot escape the
responsibility of tomorrow by
evading it today.”
- Abraham Lincoln
  

A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 

Internet of Energy Things IERC 2015

  • 1. IERC Conference 2015 Paul Malone 13th May 2015 12/05/2015   www.tssg.org  
  • 2. The internet of energy things will deliver a secure, cheap and sustainable energy future
  • 3. The internet of energy things will deliver a secure?, cheap and sustainable energy future
  • 4. • Increased attack surface • Difficulty of patching devices • Lack of data governance frameworks
  • 5. Increased attack surface
  • 6. Source: Cisco
  • 7. 2014 Verizon Data Breach Investigations Report. Source: Verizon
  • 8. The OWASP Internet of Things Top 10: 1. Insecure Web Interface 2. Insufficient Authentication/Authorization 3. Insecure Network Services 4. Lack of Transport Encryption 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability 9. Insecure Software/Firmware 10. Poor Physical Security https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project
  • 9. Difficulty of patching devices
  • 10. HP Report 2014: “70 percent of the most commonly used Internet of Things (IoT) devices contain vulnerabilities, including password security, encryption and general lack of granular user access permissions.” “IoT devices averaged 25 vulnerabilities per product, indicating expanding attack surface for adversaries”
  • 11. “The challenge is, you see all of these devices coming online at a rapid clip, without robust security. … Trying to apply a patch to a thermostat in the home is going to be much more challenging.” - Gary Davis, Intel Security
  • 12. Foscam Baby Monitor • Multiple vulnerabilities • 100,000 cameras in the wild (easy to find) • 20% default user “admin” no password • Vendor generated a patch (for some of the vulnerabilities) • 99% of cameras still ran the older firmware
  • 13. Lack of agreed Data Governance Frameworks
  • 14. • Huge amounts of data • Regulatory and compliance complexities • Assurances with regard to PII – Where is my data? – Who has access? • What assurances does the consumer have? – How is my data being used? • What is the value to me? • What is the value to 3rd parties?
  • 15. What about Surveillance?
  • 16. “If privacy and confidentiality isn’t designed in up front, on top of the security capabilities provided by the enabling M2M infrastructure (including authentication, access control, data protection), the benefits of the IoT cannot be fully realized.” - Tim Carey, Alcatel Lucent
  • 17. The internet of energy things will deliver a secure, cheap and sustainable energy future
  • 18. The internet of energy things will deliver a secure, cheap and sustainable energy future can
  • 19. The internet of energy things will deliver a secure, cheap and sustainable energy future can But only if security is addressed first!
  • 20. “You cannot escape the responsibility of tomorrow by evading it today.” - Abraham Lincoln