IOT TRUST BY DESIGN - LESSONS LEARNED IN WEARABLES AND SMART HOME PRODUCTS
#RSAC
SESSION ID: MBS-T10
MODERATOR AND PANELISTS:
Marc Bown, Senior Director, Security, Fitbit (@marcbown)
Jeff Wilbur, Director, Online Trust Alliance initiative, Internet Society (@jeffwilbur01)
John Cook, Sr Director, Product Management, Symantec (@disruptprodsguy)

Poll the Audience
Are you an IoT manufacturer, do you manage IoT in the enterprise or neither?
A – IoT manufacturer
B – Manage enterprise IoT
C – Neither
https://rsa1-live.eventbase.com/polls?event=rsa2018&polls=3802

Why Are We Here?

What’s at Risk?
Smartwatches & wearables
Connected thermostats
Home alarm systems
Wireless doorbells
Real-time video monitoring
Smart televisions with built in apps
Streaming boxes for “regular” TVs
Gaming consoles
Plugs to make other things “smart”
Smart lights
Connected appliances
Source: Symantec

Are Attacks Really Happening?
Threats Blocked Per Home, Per Day
22
Malware Blocked: ~8.3/day
Phishing Blocked: ~1.2/day
Botnets Blocked: ~5.4/day
Scams Blocked: ~0.4/day
Spam Blocked: ~1/day
PUP Blocked: ~1/day
Source: Symantec

Poll the Audience
Which part of the system requires the most "trust by design" discipline to ensure proper security and privacy?
A – Devices and sensors
B – Mobile apps
C – Back-end services
https://rsa1-live.eventbase.com/polls?event=rsa2018&polls=3803

Where Do Vulnerabilities Lie?
Key device sub-systems:
Processor/memory/platform
Radios
Battery
Software stacks
Apps and Platforms
Cloud & Web Services
Devices & Sensors

Assessing Attack “Reach”
[Chart: Proximity of Attack (Near to Far) against Number of Devices Reached (Low to High); plotted examples: Home WiFi attack, IoT worm]

Poll the Audience
What is the biggest reason security and privacy capabilities get compromised when developing consumer-grade IoT products?
A – Cost
B – Time
C – Not a priority
https://rsa1-live.eventbase.com/polls?event=rsa2018&polls=3804

Addressing IoT Security and Privacy
The Online Trust Alliance’s IoT Trust Framework principles:
Address security, privacy and lifecycle issues
Cover devices/sensors, apps and backend services
Authentication
Communications
Control
Disclosures
Privacy
Updates
Security
Encryption

Using Consumer-Grade IoT in the Enterprise
Newly released checklist for handling consumer-grade IoT in the enterprise
Organized “chronologically”, from purchase and installation through maintenance and end of life

Lessons Learned
Top 2-3 lessons to deliver on IoT “trust by design”

Resources
OTA IoT Trust Framework – https://otalliance.org/system/files/files/initiative/documents/iot_trust_framework6-22.pdf
Consumer-Grade IoT in the Enterprise – A Security Checklist – https://otalliance.org/system/files/files/initiative/documents/enterprise_iot_checklist.pdf

 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 

IoT Trust by Design: Lessons Learned in Wearables and Smart Home Products

  • 1. SESSION ID: MODERATOR: #RSAC PANELISTS: MBS-T10 Marc Bown Senior Director, Security Fitbit @marcbown Jeff Wilbur Director, Online Trust Alliance initiative, Internet Society @jeffwilbur01 IOT TRUST BY DESIGN - LESSONS LEARNED IN WEARABLES AND SMART HOME PRODUCTS John Cook Sr Director, Product Management Symantec @disruptprodsguy
  • 2. #RSAC Poll the Audience 2 Session MBS-T10 Are you an IoT manufacturer, do you manage IoT in the enterprise or neither? A – IoT manufacturer B – Manage enterprise IoT C – Neither https://rsa1-live.eventbase.com/polls?event=rsa2018&polls=3802
  • 4. #RSAC What’s at Risk? 4 Smartwatches & wearables 74 F Connected thermostats Home alarm systems Wireless doorbells Real-time video monitoring Smart televisions with built in apps Streaming boxes for “regular” TVs Gaming consoles Plugs to make other things “smart” Smart lights Connected appliances Source: Symantec
  • 5. #RSAC Are Attacks Really Happening? 5 Threats Blocked Per Home, Per Day 22 Malware Blocked ~8.3/day Phishing Blocked ~1.2/day Botnets Blocked ~5.4/day Scams Blocked ~0.4/day Spam Blocked ~1/day PUP Blocked ~1/day Source: Symantec
  • 6. #RSAC Poll the Audience 6 Session MBS-T10 Which part of the system requires the most "trust by design" discipline to ensure proper security and privacy? A – Devices and sensors B – Mobile apps C – Back-end services https://rsa1-live.eventbase.com/polls?event=rsa2018&polls=3803
  • 7. #RSAC Where Do Vulnerabilities Lie? 7 Key device sub-systems Processor/memory/platform Radios Battery Software stacks Apps and Platforms Cloud & Web Services Devices & Sensors
  • 8. #RSAC Assessing Attack “Reach” 8 Number of Devices Reached Proximity of Attack Home WiFi attack IoT worm Low High Near Far
  • 9. #RSAC Poll the Audience 9 Session MBS-T10 What is the biggest reason security and privacy capability get compromised when developing consumer-grade IoT products? A – Cost B – Time C – Not a priority https://rsa1-live.eventbase.com/polls?event=rsa2018&polls=3804
  • 10. #RSAC Addressing IoT Security and Privacy 10 The Online Trust Alliance’s IoT Trust Framework principles: Address security, privacy and lifecycle issues; Cover devices/sensors, apps and backend services. Authentication, Communications, Control, Disclosures, Privacy, Updates, Security, Encryption
  • 11. #RSAC Using Consumer-Grade IoT in the Enterprise 11 Newly released checklist for handling consumer-grade IoT in the enterprise Organized “chronologically”, from purchase and installation through maintenance and end of life
  • 12. #RSAC Lessons Learned 12 Top 2-3 lessons to deliver on IoT “trust by design”
  • 13. #RSAC Resources 13 OTA IoT Trust Framework – https://otalliance.org/system/files/files/initiative/documents/iot_trust_framework6-22.pdf Consumer-Grade IoT in the Enterprise – A Security Checklist https://otalliance.org/system/files/files/initiative/documents/enterprise_iot_checklist.pdf