The potential trillion dollar Internet of Things (IoT) business opportunity rests precariously on one critical factor – security. 71% of executives in our survey agreed that security concerns will influence customers’ purchase decision for IoT products. However, despite increasing cyber attacks and ample warning from security experts, most organizations do not provide adequate security and privacy safeguards for their IoT products. In fact, only 33% of IoT executives in our survey believe that the IoT products in their industry are highly resilient to cyber security attacks. Further, despite rising consumer concerns regarding data privacy, 47% of organizations do not provide any privacy related information regarding their IoT products.
So, why are organizations lagging behind in securing their IoT products and systems? Key reasons for this include an expanded attack surface, inefficiencies in the IoT product development process, and the lack of specialized security skill-sets. For instance, our survey showed that only 48% of companies focus on securing their IoT products from the beginning of the product development phase. Building a secure IoT system begins with the recognition that security needs to be as much of a priority as the features and functionality of an IoT product. The report highlights the key measures that organizations must take in order to put security at the core of their IoT value proposition.
The Digital Transformation Symphony: When IT and Business Play in SyncCapgemini
Digital Masters, such as Starbucks, that leverage digital technologies effectively, differentiate themselves from their peers by consciously striving to build a close relationship between IT and the business. However, Digital Masters are exceptions. The IT-business relationship in most organizations is often a fractious relationship rather than a marriage of equals. Business teams often find the IT department’s high costs and long implementation timelines unacceptable. In addition, IT leaders are often faulted for not speaking the language of business. Leading CIOs take this disconnect head on and try and fix it. Our research shows that leading CIOs take three key actions to align the IT department with the needs of the business: 1. redesign the IT department to unlock digital innovation; 2. create strong digital platforms; 3. rationalize IT Infrastructure to fund digital initiatives. We explore each of these actions in this research paper.
Only few organizations wise up to new digital competitors, as they usually come from outside their own sector and are not taken seriously at first. Their allegedly inferior propositions confuse prominent players, who should in fact be the very first to be fully aware of potentially disruptive innovation.
To swing into action rapidly, existing organizations would be well advised to properly analyze anything resembling digital competition. Evidently, there are clear patterns behind the startup success marking a new techno-economic reality. Ecosystems, APIs, and platforms characterize this New Normal where customers have more freedom of choice and better service at lower costs.
These successful disruptors are called two-sided market players, also known as multi-sided platform players. Companies like Uber and Airbnb are getting all the media attention, however there are over 9000 players (and counting) active in almost every industry.
The new VINT report explores the new digital competition and presents:
A analysis of the success factors of disruption
10 design principles of the new digital competition like Unbundle your organization processes, APIs first. Access over ownership and Building trust with social systems
The need for every business to develop a API-strategy
An appeal to the CIO and the IT department to use a leading digital approach and map out an offensive technological route.
Deconstructing Digital Strategy and Transformation. Trying to break it down into some of it's constituent elements. Hopefully enabling a more execution friendly model of thinking about Digital Strategy.
Monetizing the Internet of Things: Extracting Value from the Connectivity Opp...Capgemini
Cisco has estimated that the Internet of Things (IoT) has the potential to generate about $19 trillion of value over the coming years. The staggering potential size-of-the-prize has certainly caught the attention of the world’s business community. In a recent survey of senior business leaders around the globe, 96% said their companies would be using IoT in some way within the next 3 years. However, there is a catch – most organizations are yet to derive significant commercial value from IoT. Our research shows that 70% of organizations do not generate service revenues from their IoT solutions. We have looked at why organizations are falling short in monetizing the IoT, and have tried to capture some initial observations on monetization models in what is still a very fast-developing marketplace.
Telecommunications is at the heart of the digital economy, driving and enabling the changing consumer behaviors and demands that have transformed how people consume products and services across many sectors. However, digitization is as much a struggle for Telcos as it is for traditional organizations in many industries.
Our latest survey of over 5700 mobile consumers in the US and Europe has found, for example, that consumers are discontented with their operators.
The Digital Transformation Symphony: When IT and Business Play in SyncCapgemini
Digital Masters, such as Starbucks, that leverage digital technologies effectively, differentiate themselves from their peers by consciously striving to build a close relationship between IT and the business. However, Digital Masters are exceptions. The IT-business relationship in most organizations is often a fractious relationship rather than a marriage of equals. Business teams often find the IT department’s high costs and long implementation timelines unacceptable. In addition, IT leaders are often faulted for not speaking the language of business. Leading CIOs take this disconnect head on and try and fix it. Our research shows that leading CIOs take three key actions to align the IT department with the needs of the business: 1. redesign the IT department to unlock digital innovation; 2. create strong digital platforms; 3. rationalize IT Infrastructure to fund digital initiatives. We explore each of these actions in this research paper.
Only few organizations wise up to new digital competitors, as they usually come from outside their own sector and are not taken seriously at first. Their allegedly inferior propositions confuse prominent players, who should in fact be the very first to be fully aware of potentially disruptive innovation.
To swing into action rapidly, existing organizations would be well advised to properly analyze anything resembling digital competition. Evidently, there are clear patterns behind the startup success marking a new techno-economic reality. Ecosystems, APIs, and platforms characterize this New Normal where customers have more freedom of choice and better service at lower costs.
These successful disruptors are called two-sided market players, also known as multi-sided platform players. Companies like Uber and Airbnb are getting all the media attention, however there are over 9000 players (and counting) active in almost every industry.
The new VINT report explores the new digital competition and presents:
A analysis of the success factors of disruption
10 design principles of the new digital competition like Unbundle your organization processes, APIs first. Access over ownership and Building trust with social systems
The need for every business to develop a API-strategy
An appeal to the CIO and the IT department to use a leading digital approach and map out an offensive technological route.
Deconstructing Digital Strategy and Transformation. Trying to break it down into some of it's constituent elements. Hopefully enabling a more execution friendly model of thinking about Digital Strategy.
Monetizing the Internet of Things: Extracting Value from the Connectivity Opp...Capgemini
Cisco has estimated that the Internet of Things (IoT) has the potential to generate about $19 trillion of value over the coming years. The staggering potential size-of-the-prize has certainly caught the attention of the world’s business community. In a recent survey of senior business leaders around the globe, 96% said their companies would be using IoT in some way within the next 3 years. However, there is a catch – most organizations are yet to derive significant commercial value from IoT. Our research shows that 70% of organizations do not generate service revenues from their IoT solutions. We have looked at why organizations are falling short in monetizing the IoT, and have tried to capture some initial observations on monetization models in what is still a very fast-developing marketplace.
Telecommunications is at the heart of the digital economy, driving and enabling the changing consumer behaviors and demands that have transformed how people consume products and services across many sectors. However, digitization is as much a struggle for Telcos as it is for traditional organizations in many industries.
Our latest survey of over 5700 mobile consumers in the US and Europe has found, for example, that consumers are discontented with their operators.
AI in Media & Entertainment: Starting the Journey to ValueCognizant
Up to now, the global media & entertainment industry (M&E) has been lagging most other sectors in its adoption of artificial intelligence (AI). But our research shows that M&E companies are set to close the gap over the coming three years, as they ramp up their investments in AI and reap rising returns. The first steps? Getting a firm grip on data – the foundation of any successful AI strategy – and balancing technology spend with investments in AI skills.
The Work Ahead in Utilities: Powering a Sustainable Future with DigitalCognizant
Utilities are starting to adopt digital technologies to eliminate slow processes, elevate customer experience and boost sustainability, according to our recent study.
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...Capgemini
The Internet is expanding. And this is not just in terms of getting accessible to more people; it is expanding beyond humans. Machines are becoming connected. Machines are talking to humans, but increasingly, they are also talking to one another. And this interconnectedness of machines, or the Internet of Things (IoT), is a potential multi-trillion dollar market that organizations can now tap into.
However, do organizations realize the scale of the opportunity? Capgemini Consulting conducted an extensive survey of IoT products and services of over 100 leading companies across North America and Europe. We also spoke at length with several industry executives at companies developing IoT solutions to understand the challenges companies face. This article presents the results of the survey and highlights the key hurdles companies are facing.
Engineering the Next-Gen Digital Claims Organisation for Australian General I...Cognizant
In recent years, insurers have invested in technology platforms and process improvements to improve
claims outcomes. Leaders will build on this foundation across the claims landscape, spanning experience,
operations, customer service and the overall supply chain with market-differentiating capabilities to
achieve sustainable results.
Report 3 the fourth industrial revolution - things to tighten the link betwe...Rick Bouter
This report was all about the fourth stage of the Industrial Revolution made possible by the far-reaching integration of Operational Technology (OT) and Information Technology (IT). The IT/OT convergence and the end-to-end ecosystems that are under development – from design and production to client interaction and advanced Maintenance, Repair & Overhaul (MRO) – enable a future in which appliances, devices, things and machines for professionals and private people will communicate with central systems, with one another, and with users for the purpose of providing the best possible facilities to makers, service providers, legislators and customers.
Source, Sogeti ViNT: http://vint.sogeti.com/internet-things-4-reports/
Industry 4.0 is the name of the next industrial revolution which is fueled by the advancement of digital technologies. It
is dramatically changing how companies engage in business activities. As a result, the disruptive nature of Industry 4.0
demands a reassessment of the requirements for IT. On the one hand, there is the possibility that the responsibilities of Chief Information Officers (CIOs) could be taken over by other executives such as the Chief Digital Officer (CDO) or the Chief Technology Officer (CTO). On the other hand, this
recent development creates entirely new perspectives for positioning themselves and their IT departments
within the business.
The impact of digital technologies is reaching a magnitude at which IT is considered a substantial
business driver, potentially placing CIOs in the driver’s seat.
The Work Ahead in Intelligent Automation: Coping with Complexity in a Post-Pa...Cognizant
Intelligent automation continues to be a top driver of the future of work, according to our recent study. To reap the full advantages, businesses need to move from isolated to widespread deployment.
The Work Ahead: Transportation and Logistics Delivering on the Digital-Physic...Cognizant
The T&L industry appears poised to accelerate its long-overdue modernization drive, as the pandemic spurs an increased need for agility and resilience, according to our study.
Realising Digital’s Full Potential in the Value ChainCognizant
When we spoke with executives across Europe who lead digitising efforts, they described a diverse range of deployments, but digital can, and must, deliver far more than it has so far. In this ebook, we explore how businesses can explore digital's full potential across their value chain.
Cracking the Data Conundrum: How Successful Companies Make #BigData OperationalCapgemini
There is little arguing the benefits and disruptive potential of Big Data. However, many organizations have not fully embedded Big Data in their operations. In fact, our research shows that only 13% have achieved full-scale production for their Big Data implementations. The most troubling development is that most organizations are failing to benefit from their investments. Only 27% of respondents described their Big Data initiatives as “successful” and only 8% described them as “very successful”.
So, how can organizations make Big Data operational? There are many factors that go into the making of a successful Big Data implementation. However, the single biggest factor that we observed in our research was that organizations that have a strong operating model stood apart. This operating model has multiple distinct elements, which include, among others, a well-defined organizational structure, systematic implementation plan, and strong leadership support. For instance, success rates for organizations with an analytics business unit are nearly 2.5 times those that have ad-hoc, isolated teams. The report highlights the key factors for successful Big Data implementations.
Going Digital: General Electric and its Digital TransformationCapgemini
How can a company that is over a century old transform itself to thrive in a digital economy?
For GE, responding to change is part of its modus operandi. This is a company that has famously made change a core capability and a constant in its history. For over 120 years, GE has ploughed forward under a banner of “Building, powering, moving and curing the world. Not just imagining. Doing.” This constant focus on innovation and transformation has made the company the only one to still remain in the Dow Jones Industrial Index since the original index was established in 1896.
GE is betting big on software and analytics to bring about its transformation, with Jeff Immelt stating: “I took over an industrial company, now it will be known as an analytics company”. GE’s focus on data analytics was clear back in 2012 when it set aside up to $1.5 billion for small take-overs to boost its presence in analytics. GE currently monitors and analyzes 50 million data elements from 10 million sensors on $1 trillion of managed assets daily to move customers toward zero unplanned downtime.
GE’s digital transformation is not the result of being in the right place at the right time. Instead, it is the result of a structured approach that involved a strong top-down digital vision, capability development, achieving all-round buy-in and a constant focus on innovation.
While many digital natives, from FaceBook to Uber, continue to take much of the limelight, this 120-year-old giant of the corporate world shows that digital agility is not just confined to the new Millennial corporates.
Catering to 'Generation Now': Making Digital Connections Intelligent, Persona...Cognizant
Our recent research uncovers the digital media preferences among the younger cohort - Generation Z and millennials - concerning connectivity, content and commerce.
Ctrl-alt-del: Rebooting the Business Model for the Digital AgeCapgemini
Our research with the MIT Sloan Management Review reveals that only 16% of organizations are leveraging digital technologies to develop new business models. Most organizations follow traditional approaches to innovation that focus on new products and services, rather than on business models. However, research suggests that the returns from traditional approaches have been diminishing with time. As Serguei Netessine, Professor at INSEAD Singapore says, “Pharmaceutical companies spend as much as 30% of their revenues on R&D, trying to develop new products or technologies. But the return from this enormous expenditure has been very elusive and it is a common problem across industries.” Business model reinvention can be as good a route as technology, product or service innovations. This research highlight five different approaches that organizations can adopt to reinvent their business model with digital technologies.
As the rise in sophisticated digital technologies drives an exponential change in online customer behaviour, the need for businesses to embrace digital transformation has never been greater.
This is a talk which I gave to the Brighton IoT Forum on 23/03/2016. It looks at the challenges of scaling IoT security from the perspective of protection of critical national infrastructure from cyber-attack. It then campares this to the security scaling challenges of a small startup business with a great product idea. The presentation concludes that there are similarities between both 'micro' and 'macro' IoT scaling scenarios. In both cases it is essential to cultivate a 'security mindset'.
Yesterday Pierluigi Paganini, CISO Bit4Id and founder Security Affairs, presented at the ISACA Roma & OWASP Italy conference the state of the art for the Internet of Things paradigm. The presentation highlights the security and privacy issues for the Internet of Things, a technology that is changing user’s perception of the technology.
AI in Media & Entertainment: Starting the Journey to ValueCognizant
Up to now, the global media & entertainment industry (M&E) has been lagging most other sectors in its adoption of artificial intelligence (AI). But our research shows that M&E companies are set to close the gap over the coming three years, as they ramp up their investments in AI and reap rising returns. The first steps? Getting a firm grip on data – the foundation of any successful AI strategy – and balancing technology spend with investments in AI skills.
The Work Ahead in Utilities: Powering a Sustainable Future with DigitalCognizant
Utilities are starting to adopt digital technologies to eliminate slow processes, elevate customer experience and boost sustainability, according to our recent study.
The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar P...Capgemini
The Internet is expanding. And this is not just in terms of getting accessible to more people; it is expanding beyond humans. Machines are becoming connected. Machines are talking to humans, but increasingly, they are also talking to one another. And this interconnectedness of machines, or the Internet of Things (IoT), is a potential multi-trillion dollar market that organizations can now tap into.
However, do organizations realize the scale of the opportunity? Capgemini Consulting conducted an extensive survey of IoT products and services of over 100 leading companies across North America and Europe. We also spoke at length with several industry executives at companies developing IoT solutions to understand the challenges companies face. This article presents the results of the survey and highlights the key hurdles companies are facing.
Engineering the Next-Gen Digital Claims Organisation for Australian General I...Cognizant
In recent years, insurers have invested in technology platforms and process improvements to improve
claims outcomes. Leaders will build on this foundation across the claims landscape, spanning experience,
operations, customer service and the overall supply chain with market-differentiating capabilities to
achieve sustainable results.
Report 3 the fourth industrial revolution - things to tighten the link betwe...Rick Bouter
This report was all about the fourth stage of the Industrial Revolution made possible by the far-reaching integration of Operational Technology (OT) and Information Technology (IT). The IT/OT convergence and the end-to-end ecosystems that are under development – from design and production to client interaction and advanced Maintenance, Repair & Overhaul (MRO) – enable a future in which appliances, devices, things and machines for professionals and private people will communicate with central systems, with one another, and with users for the purpose of providing the best possible facilities to makers, service providers, legislators and customers.
Source, Sogeti ViNT: http://vint.sogeti.com/internet-things-4-reports/
Industry 4.0 is the name of the next industrial revolution which is fueled by the advancement of digital technologies. It
is dramatically changing how companies engage in business activities. As a result, the disruptive nature of Industry 4.0
demands a reassessment of the requirements for IT. On the one hand, there is the possibility that the responsibilities of Chief Information Officers (CIOs) could be taken over by other executives such as the Chief Digital Officer (CDO) or the Chief Technology Officer (CTO). On the other hand, this
recent development creates entirely new perspectives for positioning themselves and their IT departments
within the business.
The impact of digital technologies is reaching a magnitude at which IT is considered a substantial
business driver, potentially placing CIOs in the driver’s seat.
The Work Ahead in Intelligent Automation: Coping with Complexity in a Post-Pa...Cognizant
Intelligent automation continues to be a top driver of the future of work, according to our recent study. To reap the full advantages, businesses need to move from isolated to widespread deployment.
The Work Ahead: Transportation and Logistics Delivering on the Digital-Physic...Cognizant
The T&L industry appears poised to accelerate its long-overdue modernization drive, as the pandemic spurs an increased need for agility and resilience, according to our study.
Realising Digital’s Full Potential in the Value ChainCognizant
When we spoke with executives across Europe who lead digitising efforts, they described a diverse range of deployments, but digital can, and must, deliver far more than it has so far. In this ebook, we explore how businesses can explore digital's full potential across their value chain.
Cracking the Data Conundrum: How Successful Companies Make #BigData OperationalCapgemini
There is little arguing the benefits and disruptive potential of Big Data. However, many organizations have not fully embedded Big Data in their operations. In fact, our research shows that only 13% have achieved full-scale production for their Big Data implementations. The most troubling development is that most organizations are failing to benefit from their investments. Only 27% of respondents described their Big Data initiatives as “successful” and only 8% described them as “very successful”.
So, how can organizations make Big Data operational? There are many factors that go into the making of a successful Big Data implementation. However, the single biggest factor that we observed in our research was that organizations that have a strong operating model stood apart. This operating model has multiple distinct elements, which include, among others, a well-defined organizational structure, systematic implementation plan, and strong leadership support. For instance, success rates for organizations with an analytics business unit are nearly 2.5 times those that have ad-hoc, isolated teams. The report highlights the key factors for successful Big Data implementations.
Going Digital: General Electric and its Digital TransformationCapgemini
How can a company that is over a century old transform itself to thrive in a digital economy?
For GE, responding to change is part of its modus operandi. This is a company that has famously made change a core capability and a constant in its history. For over 120 years, GE has ploughed forward under a banner of “Building, powering, moving and curing the world. Not just imagining. Doing.” This constant focus on innovation and transformation has made the company the only one to still remain in the Dow Jones Industrial Index since the original index was established in 1896.
GE is betting big on software and analytics to bring about its transformation, with Jeff Immelt stating: “I took over an industrial company, now it will be known as an analytics company”. GE’s focus on data analytics was clear back in 2012 when it set aside up to $1.5 billion for small take-overs to boost its presence in analytics. GE currently monitors and analyzes 50 million data elements from 10 million sensors on $1 trillion of managed assets daily to move customers toward zero unplanned downtime.
GE’s digital transformation is not the result of being in the right place at the right time. Instead, it is the result of a structured approach that involved a strong top-down digital vision, capability development, achieving all-round buy-in and a constant focus on innovation.
While many digital natives, from FaceBook to Uber, continue to take much of the limelight, this 120-year-old giant of the corporate world shows that digital agility is not just confined to the new Millennial corporates.
Catering to 'Generation Now': Making Digital Connections Intelligent, Persona...Cognizant
Our recent research uncovers the digital media preferences among the younger cohort - Generation Z and millennials - concerning connectivity, content and commerce.
Ctrl-alt-del: Rebooting the Business Model for the Digital AgeCapgemini
Our research with the MIT Sloan Management Review reveals that only 16% of organizations are leveraging digital technologies to develop new business models. Most organizations follow traditional approaches to innovation that focus on new products and services, rather than on business models. However, research suggests that the returns from traditional approaches have been diminishing with time. As Serguei Netessine, Professor at INSEAD Singapore says, “Pharmaceutical companies spend as much as 30% of their revenues on R&D, trying to develop new products or technologies. But the return from this enormous expenditure has been very elusive and it is a common problem across industries.” Business model reinvention can be as good a route as technology, product or service innovations. This research highlight five different approaches that organizations can adopt to reinvent their business model with digital technologies.
As the rise in sophisticated digital technologies drives an exponential change in online customer behaviour, the need for businesses to embrace digital transformation has never been greater.
This is a talk which I gave to the Brighton IoT Forum on 23/03/2016. It looks at the challenges of scaling IoT security from the perspective of protection of critical national infrastructure from cyber-attack. It then campares this to the security scaling challenges of a small startup business with a great product idea. The presentation concludes that there are similarities between both 'micro' and 'macro' IoT scaling scenarios. In both cases it is essential to cultivate a 'security mindset'.
Yesterday Pierluigi Paganini, CISO Bit4Id and founder Security Affairs, presented at the ISACA Roma & OWASP Italy conference the state of the art for the Internet of Things paradigm. The presentation highlights the security and privacy issues for the Internet of Things, a technology that is changing user’s perception of the technology.
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...ClicTest
We are in the age of Cybercrimes and just getting started with Internet of Things. There will be a huge demand for IoT as 50 billion connected devices will be deployed across the globe by 2020. These devices will communicate with each other where the web and the physical world will meet with different set of internet infrastructure and protocols. This in turn, will not only help us in saving money, but also provide us with more options.
Discussion Topics:
• The importance of IoT
• How will they impact in our everyday lives?
• Is Internet of Things Secure?
• Securing Internet of Things
But, the Tech buzz is all about: Security of Things (Security in the Internet of Things). How far these Internet of Things can be trusted? Can these IoT devices be hacked? How they have become the Next Cyber Security Target for hackers? How can we secure Internet of Things?
For more details, please visit www.clictest.com or drop us an email to info@clictest.com
More and more IoT vulnerabilities are found and showcased at security events. From connected thermostats to power plants!
Insecurity became the favorite subject for creating catchy IoT headlines: "Connected killer toaster", "Fridges changed into spamming machines","Privacy concerns around connected home".
We will explore the five challenges one has to face when building a secure IoT solution:
- hardware security: how to avoid rogue firmwares and keep your security keys safe?
- upgrade strategy: you can't secure what you can't update!
- secure transport: no security without secure transports.
- security credentials distribution: how to distribute security keys to a fleet with millions of devices?
- cloud vulnerability mitigation, how to keep your fleet of devices safe from the next Heartbleed?
Current enterprise infrastructure provides solutions for handling application security but are they really matching the IoT challenge? Could running a PKI client on a low power wireless sensor node be an option?
Despite those difficulties, we will show how a modern IoT device management standard like Lightweight M2M with DTLS is the way for building a secur-first IoT solutions. It provides a solution for upgrading your device, distributing your security keys and comes with a full range of cryptography cipher suites, from PSK algorithm for very constrained devices to high level of security using X.509 certificates.
Furthermore for adding security to your solution we will present you ready to use opensource libraries for implementing secure IoT servers and devices. The way for quickly releasing your next catchy connected product.!
Ultimately we will showcase Wakaama and Leshan, the Eclipse IoT Lightweight M2M implementation maybe your next best friend in the troubled water of Internet-Of-Things security!
By 2020, more than 25 billion devices will have extensive Internet capabilities. These range from your refrigerator and other consumer electronics and our connected cars. Along the way there are several challenges to overcome in providing a secure platform for our Internet of things, among them the limited performance and memory of the device, the ever increasing volume of data and rising demand of users within given standards. The detection of Cyber-threats in real time and prevention of dynamic attacks as they occur will be essential for the success of the Internet of Things and Industrie4.0. Christian Milde will explain how we will address these issues.
WHITE PAPER▶ Insecurity in the Internet of ThingsSymantec
The Internet of Things (IoT) market has begun to take off. Consumers can buy connected versions of nearly every household appliance available. However, despite its increasing acceptance by consumers, recent studies of IoT devices seem to agree that “security” is not a word that gets associated with this category of devices, leaving consumers potentially exposed.
To find out for ourselves how IoT devices fare when it comes to security, we analyzed 50 smart home devices that are available today. We found that none of the devices enforced strong passwords, used mutual authentication, or protected accounts against brute-force attacks. Almost two out of ten of the mobile apps used to control the tested IoT devices did not use Secure Sockets Layer (SSL) to encrypt communications to the cloud. The tested IoT technology also contained many common vulnerabilities.
All of the potential weaknesses that could afflict IoT systems, such as authentication and traffic encryption, are already well known to the security industry, but despite this, known mitigation techniques are often neglected on these devices. IoT vendors need to do a better job on security before their devices become ubiquitous in every home, leaving millions of people at risk of cyberattacks
The presentation focuses on how enterprises can turn Internet-of-Things-Data into Action and outlines the 5-A Model for Data Actionability. 5A stands for Action, Assignment, Analysis, Aggregation and Acquisition.
Central questions such as “How do I identify bad quality during or before the process?” or “How do I prevent unplanned downtime?” are addressed in this presentation by Prof. Michael Capone, at the Capgemini Week of Innovation Networks 2016.
-IoT Security is a Safety/Privacy Issue
-Consider the devices you bring into your home and to work
Video Links:
-Hue: https://www.youtube.com/watch?v=7TOsFqqJgj4
-Slow Cooker: https://www.walmart.com/ip/BLACK-DECKER-WiFi-Enabled-6-Quart-Slow-Cooker/128745799
-Smart Toilet: https://www.youtube.com/watch?v=HyZ7S4fE5v4
Two of the three largest data breaches in healthcare industry history have occurred in the past six months – exposing personally identifiable patient and health plan membership records on 84.5 million individuals – a number equal to the populations of California, Texas, New York and Nevada combined. Both breaches were attributed to hackers from China. These, and other massive hacks in financial services and retail, prompted President Obama to sign an executive order in February calling on government and the private sector to step up the nation's defenses against cybersecurity threats.
As hospitals and health care systems continue to expand their digital collection and capabilities, surveys show that their security measures lag behind those of other industries. Hospitals’ weaknesses include their failure to assess the security of staffers’ mobile devices and of medical monitoring equipment that store patient identifiers as well as medical information. Physician groups represent another vulnerability because they often fail to do any security risk analysis.
This session will examine best practices that providers can implement to help keep data safe and hackers at bay.
This blog presentation discusses the growing significance of IoT Security Testing in a world where billions of devices are getting connected via the Internet of Things.
Top 10 Cybersecurity Trends to Watch Out For in 2022ManviShukla4
With the Digital revolution around all businesses, small or large, corporates, organizations and even governments are relying on computerized systems to manage their day-to-day activities and thus making cybersecurity a primary goal to safeguard data from various online attacks or any unauthorized access. Continuous change in technologies also implies a parallel shift in cybersecurity trends as news of data breach, ransomware and hacks become the norms. Here are the top cybersecurity trends for 2022.
While regulatory actions and the move to SaaS has added complexity to keeping enterprise IT secure, new technologies such as AI and DevSecOps offer new forms of relief.
Open Source Insight: Meltdown, Spectre Security Flaws “Impact Everything”Black Duck by Synopsys
Welcome to 2018, with two major security flaws revealed that makes any computer device that has chips from Intel, AMD and ARM at risk. One security flaw, dubbed Meltdown, impacts Intel semiconductors, enabling enabling bad guys to steal passwords. The other security flaw, Spectre, impacts chips from all three companies. During an interview with CNBC covered by Reuters, Intel’s chief executive noted that “Phones, PCs, everything are going to have some impact, but it’ll vary from product to product.”
In other cybersecurity news, we look at 10 open source technologies you need to know about, cybersecurity predictions for 2018, and an interesting white paper published by the University of Michigan on identifying cybersecurity threats in connected vehicles.
What are top 7 cyber security trends for 2020TestingXperts
Top 7 Cybersecurity Trends to Look Out For in 2020. Data Breaches as the Top Cyberthreat. The Cybersecurity Skills Gap. Cloud Security Issues. Automation and Integration in Cybersecurity. A Growing Awareness of the Importance of Cybersecurity. Mobile Devices as a Major Cybersecurity Risk.
Biometrics: A New Wrinkle Changes the Authentication Landscape mercatoradvisory
Criminal theft of passwords has made passwords obsolete, and so a new factor is required for authentication. Biometrics will be that new factor. It increases security and will prove more convenient for the consumer than passwords as it transitions into a persistent identity over the next 5 to 8 years. Increasingly smartphones are shipping with trusted execution environments that can displace traditional hardware security fobs. These new smartphones are critical to this fundamental shift in biometrics.
A new research report from Mercator Advisory Group titled Biometrics: A New Wrinkle Changes the Authentication Landscape explains the need for multimodal biometric authentication and describes many types of biometrics available from various technology providers. The report shows how biometrics technology has shifted from a primarily hardware-based solution to a software-and cloud-based solution enabled by smartphones that have become much more secure. With voice and face recognition, and now the addition of behavioral biometrics, this shift will drive rapid new innovation and will tip the market in favor of the mobile architecture.
Digital Forensics Market, Size, Global Forecast 2023-2028Renub Research
Global Digital Forensics Market is forecasted to hit US$ 13.93 Billion by 2028, according to Renub Research. The modern world has witnessed an increased dependence on the latest digital technology. With the widespread adoption of the internet, smartphones, social media platforms like Facebook, Internet of Things (IoT), GPS, fitness trackers, and even smart cars, it has become increasingly difficult for digital forensics investigators to retrieve digital data.
IoT is a critical enabler for going digital. Like other domains, getting the basics right is critical to make a thriving IoT ecosystem. I did this workshop in Middle East to educate the audience (from public and private sector) on the three essential enablers for building a trustworthy foundation for IoT projects: reliable connectivity, a robust security framework and an agile monetization environment. Data generated by IoT endpoints may very well be the oil, but it requires these three key enablers to make it all work!
Trends in Cybersecurity that Businesses Need to Look Out for in 2023.pptxMetaorange
5G networks will usher in a new era of IoT connectivity. This interconnectedness between devices makes them vulnerable to outside interference, threats, or undetected software flaws. Google has revealed critical flaws in its Chrome Web Browser, which is the most widely used.
Proposed T-Model to cover 4S quality metrics based on empirical study of root...IJECEIAES
There are various root causes of software failures. Few years ago, software used to fail mainly due to functionality related bugs. That used to happen due to requirement misunderstanding, code issues and lack of functional testing. A lot of work has been done in past on this and software engineering has matured over time, due to which software’s hardly fail due to functionality related bugs. To understand the most recent failures, we had to understand the recent software development methodologies and technologies. In this paper we have discussed background of technologies and testing progression over time. A survey of more than 50 senior IT professionals was done to understand root cause of their software project failures. It was found that most of the softwares fail due to lack of testing of non-functional parameters these days. A lot of research was also done to find most recent and most severe software failures. Our study reveals that main reason of software failures these days is lack of testing of non-functional requirements. Security and Performance parameters mainly constitute non-functional requirements of software. It has become more challenging these days due to lots of development in the field of new technologies like Internet of things (IoT), Cloud of things (CoT), Artificial Intelligence, Machine learning, robotics and excessive use of mobile and technology in everything by masses. Finally, we proposed a software development model called as T-model to ensure breadth and depth of software is considered while designing and testing of software.
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Black Duck by Synopsys
A wide spectrum of cybersecurity and open source security news in this week’s Open Source Insight, including the need for hospitals to ramp up their cybersecurity efforts; the need to include open source security in any plan to secure medical devices; a major data breach at Italian bank Unicredit; two Black Duck executives share their views on open source security in video interviews; and why the automotive industry many be close to an iPhone moment.
Similar to Securing the Internet of Things Opportunity: Putting Cybersecurity at the Heart of the #IoT (20)
COVID-19 heightened chronic challenges within the global healthcare industry. It became a catalyst amid fierce competition and tight regulations for health providers and payers to focus on digital health, cybersecurity, patient data transparency, and a variety of customer-centric and operational enhancements. As a result, we found the 2022 trendline pointing to improvements in access and quality of care.
Healthcare challenges such as optimizing the cost of care while simultaneously enabling personalized interventions and consumer-friendly shoppable services are long-standing − but, historically, the industry has been slow to react.
Read our Top Trends 2022 report to examine the lingering ramifications of the pandemic, responses from medical and insurance organizations, and the worldwide impact of ever-changing regulatory standards and mandates.
A combination of factors − the pandemic, catastrophic weather events, evolving policyholder expectations, and insurers’ drive for operational efficiency and future relevance − are sparking P&C industry changes.
In a post-COVID, new-normal environment, the most strategic insurers are building resilient, crisis-proof enterprises poised to take advantage of emerging and future business opportunities. They are leveraging advanced data analytics and novel technologies to assure agility and achieve positive revenue and customer satisfaction outcomes. Competitive advantage will hinge on accelerated digitalization and faster go-to-market. Therefore, win-win partnerships and embedded services with InsurTechs and other ecosystem players are critical.
Read Capgemini’s Top P&C Insurance Trends 2022 for a glimpse at the tactical and strategic initiatives carriers are undertaking to boost customer-centricity, product agility, intelligent processes, and an open ecosystem to ensure profitable growth and future-readiness.
This analysis provides an overview of the top trends in the commercial banking sector as they shift to technology high gear to boost client efficiency and battle a volatile, uncertain, competitive, and evolving landscape.
First, it was retail banking. Now, advanced technology is shifting to – and disrupting − the commercial banking space. Many commercial banks, known for paperwork, red tape, and branch dependency, were unprepared to support clients during their post-COVID-19 ramp-up. But now, the digital pivot to new mindsets, partnerships, and processes is in overdrive.
As commercial banks grapple with competition from FinTechs, BigTechs, and alternative lenders, their inability
to fulfill SME demands and pandemic after-shocks necessitates transformative process changes and a move
to experiential, sustainable, and inclusive banking models. We expect banks to strive to meet the demands
of corporate clients and SMEs by digitally transforming critical workflows and improving client experience.
Additionally, incremental process improvements in the middle and back-office that leverage intelligent
automation will keep the competition at bay because engaged clients are loyal.
Adopting newer methods to mine data and moving to as-a-Service models will prepare commercial banks
to flexibly respond to newcomers and find ways to co-exist through effective collaboration. The time has come for commercial banks to put transformation on the fast track as lending losses in wallet and market share could spill over to other functions!
How incumbents react and respond to 2022 trends could determine their relevancy and resiliency in the years ahead.
The Covid-19 pandemic necessitated the payments industry undergo a facelift, sparked by novel approaches from new-age players, fostered by industry consolidation, and customers’ demand for end-to-end experience. Crossing the threshold, the industry is entering a new era – Payments 4.X, where payments are embedded and invisible, and an enabling function to provide frictionless customer experience. As customers make a permanent shift to next-gen payment methods, Digital IDs are critical for a seamless payment experience. The B2B payments segment is witnessing rapid digitization. BigTechs, PayTechs, and industry newcomers are ready to jump in with newfangled solutions to help underserved small to medium-sized businesses (SMBs).
As incumbents struggle with profits, new-age firms are forging ahead to take the lead in the Payments 4.X era by riding the success of non-card products and services. The new era demands collaboration, platformification, and firms can unleash full market potential only by embracing API-based business models and open ecosystems. Data prowess and enhanced payment processing capabilities are inevitable to thrive ahead. The clock is ticking for banks and traditional payments firms because the competitive advantage is not guaranteed forever. As industry players seek economies of scale, consolidations loom, and non-banks explore new territories to threaten incumbents’ market share. While all these 2022 trends are at play, central bank digital currency (CBDC) is emerging globally and might open a new chapter in the current payments landscape.
As we slowly move out of the pandemic, financial services firms have learned the criticality of virtual engagement to business resilience. Wealth management firms will need capabilities to cater to new-age clients and deliver new-age services. This report aims to understand and analyze the top trends in the Wealth Management industry this year and beyond.
A year ago, our Top Trends in Wealth Management report emphasized how the pandemic sparked disruption and digital transformation and changing investor attitudes around Environmental, Social, and Corporate Governance (ESG) products. As we begin 2022, many of those trends continue to hold as COVID-19’s wide-reaching effects continue to influence the wealth management industry.
As wealth management (WM) firms supercharge their digital transformation journeys, investments in cybersecurity and human-centered design are becoming critical to building superior digital client experience (CX). Another holdover trend − sustainable investing – is gaining mainstream attention and generating increasingly sophisticated client demands. Data and analytics capabilities will become ever more essential for ESG scoring and personalized customer engagement. As large financial services firms refocus on their wealth management business while new digital players make industry strides, competition is becoming historically intense. Not surprisingly, client experience is the new battleground.
This analysis provides an overview of the top trends in the retail banking sector driven by the competition, digital transformation, and innovation led by retail banks exploring novel ways to create and retain value in evolving landscape.
COVID-19 caught banks off guard and shook legacy mindsets to the core. With 20/20 (2020) hindsight, firms are more aware, digitally resilient, and financially stable as they head into 2022. The trials of the past 18 months forced firms to shore up existing business and consider new models and revenue streams.
Customer-centricity remains at the top of most FS agendas and is a 2022 focal point. Banks will focus on achieving operational excellence as diligently as delivering superior CX. In 2022 and beyond, it will be paramount for FIs to explore and invest in new technologies to remain relevant and resilient.
Banking 4.X will arrive in full force in 2022 with platform-supported firms monetizing diverse ecosystem capabilities and aggressively harvesting data to create experiential customer journeys through intelligent and personalized engagements. The new era will compel future-focused banks to finally abandon legacy infrastructure and collaborate with third-party specialists to solidify their best-fit, long-term roles. Increasingly, open platforms will make banks invisible as banking becomes embedded into customer lifestyles. At the same time, banks will shed asset-heavy models and shift to the cloud for greater agility, speed to market, and faster innovation. The shift will act as a precursor to adopting new technologies on the horizon – 5G and Decentralized Finance.
The recent past was filled will extraordinary lessons for financial institutions. Now is the time to act on those learnings and move forward profitably.
While COVID-19 has sparked the demand for life insurance, it has also exposed the operating model vulnerabilities in distribution, servicing, and customer retention. In a post-COVID, new-normal environment, insurers need to enhance their capabilities around advanced data management and focus on seamless and secure data sharing to provide superior CX and hyper-personalized offerings. Accelerated digitalization and faster go-to-market are vital to remaining competitive, and win-win partnerships with ecosystems are critical in the journey.
Read our Top Life Insurance Trends 2022 to explore the tactical and strategic initiatives carriers undertake to acquire competencies around customer centricity, product agility, intelligent processes, and an open ecosystem to ensure profitable growth and future readiness.
Property & Casualty Insurance Top Trends 2021Capgemini
The Property & Casualty insurance landscape is evolving quickly with the changing risk landscape, entry of new players, and changing customer expectations. The ripple effects of COVID-19 on the P&C insurance industry and natural disasters such as forest fires have adversely impacted insurance firm books.
In this scenario, to ensure growth and future-readiness, the most strategic insurers strive to be ‘Inventive Insurers’ – assuming a customer-centric approach, deploying intelligent processes, practicing business resilience and go-to-market agility, and embracing an open ecosystem.
Read our Property & Casualty Insurance Top Trends 2021 report to explore the strategies insurers are adapting to remain competitive amidst the evolving business landscape and how they can explore new ways to enhance their profitability.
A combination of factors such as demographic changes, evolving consumer preferences, and desire to become operationally efficient were already spurring changes in the life insurance industry. Enter 2020 – the COVID-19 pandemic is having a significant impact on the industry.
At the peak of disruption, the focus was on ensuring business continuity, but new initiatives are cropping up to tackle the challenges as the industry is adapting to the new normal.
Furthermore, COVID-19 has acted as a catalyst, pushing life insurers to prioritize their efforts on improving customer centricity, developing go-to-market agility, making processes intelligent, building business resilience, and embracing the open ecosystem.
Read our Life Insurance Top Trends 2021 report to explore the strategies insurers are adopting to manage the changing market dynamics.
The uncertainty of 2020 is setting the global tone for the immediate future in the financial services industry. So it is no surprise banks are laser-focused on business resilience, emphasizing both financial and operational risks. The need to adapt quickly to new normal conditions through virtual customer engagement is clear.
Customer centricity continues to drive commercial banks’ solution designs. And, the pandemic compelled products that deliver immediate client value ‒ quick digital onboarding, seamless lending, and support for small and medium-sized enterprises (SMEs). The onus is now on banks to go to market more quickly, which requires the implementation of intelligent processes and integrating corporates’ enterprise resource planning (ERP) systems with banking workflows.
To achieve go-to-market agility, banks across the globe are investing in and collaborating with FinTechs. Many of these partnerships are focused on boosting digital lending and providing seamless support to anxious small-business clients in need of assurance.
With newfound impetus for FinTech collaboration, commercial banks have picked up their step on the path toward OpenX. COVID-19 made it evident that survival during turbulence is manageable through collaboration with ecosystem players.
Read our Top Trends in Commercial Banking 2021 report to explore the strategies banks are adapting to transform their businesses from a product-led, siloed model to an experiential and agile plan.
When we published the Top Trends in Wealth Management 2020, little did we foresee the pandemic that would sweep through the world and disrupt life as we knew it. Yet, when we reviewed last year’s trends, we found that many still hold and some have taken on even greater relevance. One such trend is sustainable investing, which had begun to gain prominence as investors became more aware of ESG considerations, and firms rolled out more sustainable investing offerings. Another trend that has accelerated in the post-COVID world is the importance of investing in omnichannel capabilities and technologies such as artificial intelligence (AI) to enhance personalization and advisor effectiveness. The pandemic has driven wealth management firms to accelerate their digital transformation journey, with some immediate focus areas being interactive client communications and digital advisor tools.
There is no denying that time is of the essence. Yes, budgets are tight, but the Open X ecosystem offers wealth management firms opportunities to reimagine their operating models and deliver excellent customer experience cost-effectively.
Top trends in Payments: 2020 highlighted the payments industry’s flux driven by new trends in technology adoption, innovative solutions, and changing consumer behavior. The pandemic has tested the digital mastery of players, who are already grappling with transition. Non-cash transactions are on a robust growth path, accelerated by increased adoption during COVID-19. Regulators are working to instill trust and address non-cash payments risk amid unparalleled growth as players collaborate to quell uncertainty. Regional initiatives, such as the P27 (Nordics real-time payments system) and the EPI (European Payments Initiative), are gaining traction in response to country-level fragmentation and competition.
Investment in emerging technologies is looked upon as an elixir to mitigate fraud, data-driven offerings are being considered for providing value-added propositions, and distributed ledger technology is in focus for digital currency solutions, efficiency enhancement, and cost gains. New players, such as retailers/merchants, are integrating payments into their value chains while technology giants are upscaling their financial services game by weaving offerings around payments as a center stage. Constrained by budgets, firms consider business models such as Platform-as-a-Service (PaaS) to provide cost-effective and superior customer experience.
A combination of factors, including demographic changes, evolving consumer preferences, and regulatory and compliance mandates, were already spurring change in the health insurance industry. Enter 2020 and the COVID-19 pandemic, which is having sweeping implications for the industry.
At the peak of disruption, the focus was on ensuring business continuity, but new initiatives are cropping up to tackle the challenges as the industry adapts to the new normal.
Furthermore, some changes are here to stay, and it will be prudent for the industry players to be resilient to the market shifts by being agile, improving member centricity, making processes intelligent, and embracing the open ecosystem.
Read our Health Insurance Top Trends 2021 report to explore the strategies insurers are adopting to manage the external pressures.
The banking industry’s resilience is being tested as banks navigate through a remarkable 2020 filled with uncertainties. The impact of COVID-19 has been about setting the tone for future operational models. Retail banks have shifted focus towards integrated risk management with a more holistic view of operational risks. Adapting to the new normal, banks have prioritized cost transformation while engaging customers virtually. Incumbents sought to be more responsible within fast-changing environmental conditions and ESG remained a critical focus.
To provide more experiential services, banks are leveraging techniques such as segment-of-one to hyper-personalize offerings while aiming to humanize digital channels for increased engagement. Banks are also revamping middle and back offices, going beyond the front end leveraging intelligent processes. Open X is enabling banks to play on their strengths and use the expertise of ecosystem players. Going forward, banks are poised to become an enhanced one-stop shop by providing consumers value-adding FS and non-FS experiences.
To acquire customers in cost-effective manner, retail banks are tapping value-based propositions ‒ such as POS financing and mortgage refinancing. Further, Banking-as-Service provides incumbents a way to provide their high-value offerings to other players. In preparation for the future, banks will be looking to improve their go-to-market agility by leveraging the benefits of cloud. This analysis outlines the top 10 trends in retail banking for 2021.
Explore how Capgemini’s Connected autonomous planning fine-tunes Consumer Products Company’s operations for manufacturing, transport, procurement, and virtually every other aspect of the supply-value network in a touchless, autonomous way.
Financial services is undergoing a paradigm shift that is forcing incumbent retail banks to rethink growth strategies as they struggle to remain relevant. Growing competition from BigTechs, FinTech firms, and challenger banks has added to the complexity created by increasingly stringent regulatory and compliance requirements. Customers now expect a seamless customer journey and personalized offerings because they have become accustomed to top-notch individualized service from GAFA giants Google, Apple, Facebook, and Amazon. The changing ecosystem offers established banks new, unexplored opportunities and encourages a transition beyond traditional products to meet the exacting requirements of today’s customers. Bank collaboration with FinTech and RegTech partners is becoming commonplace. Incumbents are exploring point-of-sale financing and unsecured consumer lending, while they also boost their digital channel competencies to reach a broader customer base. Banks are beginning to accept open APIs and are working with third-party specialists to create an open shared marketplace. Technological advancements such as AI are fueling efforts to evolve customer onboarding and touchpoint processes. Increasingly, banks are turning to design thinking methodology to understand the customer journey, extract deep insights, and develop a more refined user experience across the customer lifecycle.
Our analysis of the top retail banking trends for 2020 offers a glimpse into the fast-changing banking ecosystem and explores the tools and solutions being used to face new-age challenges.
Aspects of the life insurance industry have remained constant for years – and so have premiums. Traditional savings products have taken a huge hit in terms of attractiveness because low interest-rates prevail. Meanwhile, the risk landscape is shifting, and insurers need to align better with the emerging business environment, manage changing customer preferences, and improve operational efficiencies. Within today’s scenario, industry players are undertaking tactical and strategic shifts in attempts to manage unpredictable market dynamics. Insurers must develop alternative products to breathe new life into policies and leverage emerging technologies (artificial intelligence (AI), analytics, and blockchain) to improve efficiency, agility, flexibility, and customer-centricity.
Read Top Trends in Life Insurance: 2020 for a look at the innovative steps future-focused insurers are considering to meet industry challenges and opportunities.
The health insurance industry is evolving and undergoing significant changes. As the risk landscape shifts, insurers are working to improve operational efficiencies, meet evolving customer preferences, and align better with the changing business environment. Accordingly, payers must adapt and align business models and offerings. An incisive tactical approach is required to accommodate members’ needs and related emerging risks — medical, health, and environmental. Advanced technologies such as artificial intelligence, analytics, automation, and connected devices are enabling insurers to manage these changes proactively, partner with members, and help to prevent risks, all the while continuing to fulfill payer responsibilities.
Read Top Trends in Health Insurance: 2020 to learn which strategies insurers are adopting to navigate and align with today’s challenges.
Similar to other financial services domains, payments is evolving into an open ecosystem. The EU’s Payment Services Directive (PSD2) pioneered open banking by encouraging banks and established payments players to securely open the systems to foster competition, innovation, and more customer choices. In tandem with non-cash transaction growth, regulations are driving banks and payments firms to expand their array of payment methods and channels. Governments are encouraging financial inclusion by also promoting the adoption of non-cash payments. Increasingly, merchants and corporates seek to offer alternative payment systems because of widespread popularity among consumers. Alternative payments also enable merchants to provide real-time and cross-border payments to boost business efficiency.
Banks, payment firms, card firms, BigTechs, FinTechs, and other players are continuously developing new technology to cash in on market changes. However, data breaches and fraud continue to hinder innovation as firms devote countless resources each year to address security issues. Many governments are also designing new regulations to reduce ecosystem threats. All these measures are expected to make the current ecosystem much more secure and simple for players as well as customers.
Top Trends in Payments: 2020 explores and analyzes payments ecosystem initiatives and solutions for this year and beyond
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Heart of the #IoT
1. Securing the Internet of Things
Opportunity: Putting Cybersecurity
at the Heart of the IoT
2. 22
Capgemini recently launched a new global service line dedicated to cybersecurity that draws expertise
from key disciplines within the Group. As the security of IoT products and systems is a key focus area
for Capgemini, Capgemini Consulting and Sogeti High Tech – a subsidiary of the Capgemini Group that
is specialized in product engineering – launched a study to understand the implications of cybersecurity
threats for the Internet of Things (IoT). This research paper presents our perspective on how organizations
can prepare themselves to address these threats and secure the IoT opportunity.
3. 33
The Internet of Things Opportunity Hinges
on Security
71% of respondents in
our survey agreed that
security concerns will
influence customers’
purchase decision for
IoT products.
While car
manufacturers are
currently focusing
mainly on infotainment-
related connectivity,
in the coming years
we will see many more
developments in the
field of car-to-car
communication and
remote diagnostics. But
this also means that we
will be more and more
vulnerable to malicious
attacks.
- A leading
car manufacturer
Figure 1: Top Security Threats to IoT Products
Source: Capgemini Consulting and Sogeti High Tech, “Security in the Internet of Things Survey”,
November 2014
N=109
There is little arguing the transformative
potential of the Internet of Things (IoT)1
.
However, the IoT business opportunity
rests precariously on one critical factor
– security. A spate of recent hacks
and breaches has revealed glaring
vulnerabilities in the IoT. Consider for
instance, the breach in US-based retailer
Target’s payment systems in late 2013.
This was the largest data hack in US
retail history and resulted in the theft of
40 million credit card numbers2
. What
is extraordinary about this attack is
that hackers gained access to Target’s
network through Internet-enabled
heating, ventilation and air-conditioning
systems installed in its retail stores3
.
The security risks of the IoT apply equally
to the world of connected consumer
devices as they do to industrial systems.
For instance, security researchers Chris
Valasek and Mathew Solnik conducted
experiments to show car makers how
hackers could potentially gain access
to the engine or the steering wheels of
a connected car. The researchers also
50%
43%
41%
39%
28%
Password attacks
Identity spoofing attacks
Data modification attacks
Eavesdropping/traffic sniffing attacks
Denial of Service attacks
% of respondents
showed how hackers could then wrench
the wheels of the car to one side or even
turn off the engines without warning4
.
While these experiments required physical
access to the vehicle, the possibility of a
remote attack is not as far-fetched as it
might seem, given the pace at which
technology is advancing.
As the IoT continues to grow to an
estimated 26 billion devices by 20205
,
Internet-enabled systems will become
increasingly attractive targets for
cyber attacks6
. As an executive at
a leading car manufacturer told us:
“While car manufacturers are currently
focusing mainly on infotainment-related
connectivity, in the coming years we will
see many more developments in the
field of car-to-car communication and
remote diagnostics. But this also means
that we will be more and more vulnerable
to malicious attacks.7
” To understand
more about organizations’ security
concerns, our global survey (see research
methodology at the end of this paper)
probed which exposures concerned
them most (see Figure 1).
4. 4 4
Hackers gained access
to Target’s payment
systems through
Internet-enabled
heating, ventilation
and air-conditioning
systems installed in its
retail stores.
Security researchers
have conducted
experiments to show
car makers how hackers
could potentially gain
access to the engine or
the steering wheels of a
connected car.
The integrity of energy
consumption data is
extremely important in
our industry and has
now become a potential
business stopper.
- A leading smart
meter manufacturer
Figure 2: Impact of Security Concerns on Customers’ Purchase Decision for
IoT Products
Source: Capgemini Consulting and Sogeti High Tech, “Security in the Internet of Things Survey”,
November 2014
N=109
The growing risk of these attacks could
undermine the IoT business opportunity.
71% of respondents in our survey agreed
that security concerns will influence
customers’ purchase decision for IoT
products. Industrial manufacturing and
smart metering firms acknowledge this
to a greater degree than firms in other
segments such as automotive and home
automation (see Figure 2). This may not
be surprising if we consider that industrial
manufacturing and smart metering firms
were among the earliest to embrace
connectivity. The CEO of a leading smart
metering firm affirmed this, saying: “The
integrity of energy consumption data is
extremely important in our industry and
has now become a potential business
stopper.8
”
93%
86%
67%
65%
65%
59%
Industrial Manufacturing
Smart Metering
Medical Devices
Wearables
Automotive
Home Automation
Overall: 71%
Comparison by Industry Segment
Traditional Firms: 74%
Startups: 65%
% of respondents who agree that security concerns will impact
customers' purchase decision for IoT products
Losses arising from cyber attacks on
IoT systems can hit organizations hard.
Target faced plummeting sales and saw a
46% drop in profitability as a result of the
November 2013 attack. In addition, the
company could potentially face a fine of
$400 million to $1.1 billion if a government
probe finds it guilty of not following
industry-specific security standards9
.
Given the massive fallout of cyber
attacks, do organizations prioritize
security adequately and are they
prepared to address the growing risks
of connectivity? Is security a core focus
for organizations as they develop their
IoT products? In the following pages, we
examine how organizations approach
security issues, assess the challenges
they face in securing their IoT products,
and present a blueprint to make security
the cornerstone of an IoT strategy.
5. 5
Figure 3: Resilience of IoT Products to Cybersecurity Attacks
Source: Capgemini Consulting and Sogeti High Tech, “Security in the Internet of Things Survey”, November 2014
Note: Surveyed companies commented on the level of resilience of IoT products in general and not specifically on
their own products
N=109
Only 33% of executives
in our survey believe
that the IoT products
in their industry are
highly resilient to
cybersecurity attacks.
In 2014, an Israeli
security firm showed
how hackers could
exploit a critical
vulnerability in a
popular vehicle-
telematics device to
send malicious updates
to the device, steal data
on the car’s location and
performance, and even
unlock doors remotely.
Raising the IoT Security and Privacy Game
Comparison by Industry Segment
Traditional Firms: 39%
Startups: 23%
50%
50%
47%
35%
18%
10%
Wearables
Smart Metering
Industrial
Manufacturing
Automotive
Home Automation
Medical Devices
Overall: 33%
% of respondents who rate the IoT products in their industry
high on resilience to cyber attacks
Ramping Up Security Levels
Despite increasing cyber attacks on IoT
devices and ample warning from security
experts, most organizations do not
provide adequate security and privacy
safeguards for their IoT products. Only
33% of executives in our survey believe
that the IoT products in their industry
are highly resilient to cybersecurity
attacks. Among industry segments,
home automation and medical device
manufacturers reported the lowest
levels of resilience (see Figure 3). This is
particularly worrying given the expected
uptake of IoT devices in these segments.
For instance, the number of patients using
connected medical devices is expected
to grow from 3 million at the end of 2013
to over 19 million by 201810
.
Research shows that existing security
features in IoT products are not
adequate. An HP study revealed 250
vulnerabilities in ten commonly used
IoT devices, including connected TVs,
webcams, thermostats, door locks and
home alarms. Most products supported
very weak authentication features that
directly exposed them to security risks. In
fact, 8 out of 10 devices failed to require
a password stronger than “1234”11
.
Another significant risk factor is the
continued use of the default password
provided by the manufacturer, which can
often be easily cracked by hackers.
Vulnerabilities arising from lack of
encryption features are also a concern.
In 2014, an Israeli security firm uncovered
a critical vulnerability in a telematics
device developed by Zubie – a US-based
connected-car startup. The research
team found that Zubie’s hardware,
which tracks a car’s performance to
provide drivers with instructions on
improving driving efficiency, did not
encrypt communications between the
device and server. Researchers were
able to demonstrate how hackers could
exploit this weakness to send malicious
updates to the device, steal data on the
car’s location and performance, and even
unlock doors remotely12
.
6. 6
Figure 4: Data Privacy Information Provided by Organizations
N = 100
Source: Capgemini Consulting and Sogeti High Tech Analysis
47% of organizations
do not provide any
kind of data privacy
information regarding
the data generated from
their IoT products.
Only 10% of companies
allow consumers to
either opt-in or opt-out
of data collection and
sharing.
AliveCor, a startup
that provides a
remote cardiac health
monitoring service,
asks users for their
explicit consent before
sharing any data with a
healthcare professional.
The poor security features in IoT products
have inevitably attracted government
attention. The US Federal Trade
Commission (FTC) took action against
TRENDnet, a manufacturer of Internet-
connected home security cameras,
for allowing users’ login credentials to
be transmitted unencrypted over the
Internet, which resulted in hundreds of
camera feeds being hacked and posted
online. Among other things, the FTC
barred TRENDnet from misrepresenting
the security of its cameras and charged
it with providing consumers with free
technical support for two years to help
consumers update or uninstall their
cameras13
.
Privacy Policies Lack
Maturity
Data privacy is also emerging as a major
concern for consumers, which comes
as no surprise. In a recent survey of
US consumers, 66% of respondents
expressed concerns about data privacy
issues stemming from IoT products14
.
However, our benchmarking assessment
of organizations’ IoT data privacy policies
(see research methodology at the end of
this paper) reveals significant concerns.
Of the 100 startups and traditional
organizations that we studied, 47% do
not provide any privacy related information
regarding their IoT products. Even when
they do, organizations rarely enable
consumers to control the collection and
sharing of data from their IoT devices. For
instance, only 10% of companies allow
consumers to either opt-in or opt-out of
data collection and sharing (see Figure 4).
AliveCor, a startup that provides a remote
cardiac health monitoring service, is a
notable exception. AliveCor asks users
for their explicit consent before sharing
any data with a healthcare professional.
In addition, AliveCor’s privacy statement
clearly informs users about how they can
withdraw from sharing data if they wish
to15
.
Another significant omission in most
privacy statements is the absence of
information on how customer data is
dealt with once a service is terminated.
Our research revealed that only 13%
of companies provide this information.
However, there are some exceptions.
Automatic, a startup that offers a
telematics device for connected
cars, informs customers that it may
permanently delete customer data at
its own discretion, upon termination of
service16
. Fitbit, the fitness tracking device
manufacturer, lets consumers know that
it stops storing data once the consumer
terminates a contract17
. Such information
enables consumers to take a more
informed decision about whether to opt
for a service or not.
48%
51%
10%
13%
IoT Data Privacy Policies -
Type of Information Provided to Consumers
Information on Types of Data Collected
Information on How Data is Shared
with Third Parties
Information on Degree of User Control
(Ability to Opt-in or Opt-out of Data
Collection and Sharing)
Information on How Data is Managed
on Service Termination
7. 7
Figure 5: The Expanded Attack Surface of an IoT System
Source: Capgemini Cybersecurity Service Line
Why are Organizations Lagging behind in Securing
their IoT Products and Systems?
A number of factors are affecting
organizations’ ability to put in place
rigorous security. These include an
expanded attack surface, inefficiencies
in the IoT product development process,
the weak security architecture of the
entire IoT system, lack of specialized
security skill-sets, and insufficient use of
third-party support.
The IoT Presents an
Expanded Attack Surface
and Multiple Points of
Vulnerability
Securing an IoT system is a challenge
because of its multiple points of
vulnerability. These include the IoT
product, and the embedded software
and data residing within it. They also
include the data aggregation platform,
data centers used for analysis of sensor
data, and communication channels (see
Figure 5).
Connected Objects
(IoT Products)
Sensors
Internet
Public
Cloud
Gateway
Big Data
Object
Data Center Data Analysis
Data Aggregation
Data Acquisition
Gateway
Hub of sensors Hub of sensors
Object
Private
Cloud
App
App
Securing all of these surfaces is a major
challenge for organizations (see Figure
6). As a senior executive at a leading
European industrial manufacturing firm
explains, it involves a wide-ranging
response: “Securing an IoT system
involves securing the IoT product and
implementing multiple features at the
system level, such as access control
and account management, segregation
of networks and accounts, the use of
secure protocols for data transmission,
and the management of firewall and
antivirus updates.18
”
The security of the IoT product is a key
element of the overal security of an
IoT system. Figure 6 illustrates the key
challenges to securing an IoT product.
The focus on security
can get lost if
organizations rush
to launch their IoT
products, prioritizing
speed-to-market over
security.
8. 8
Source: Capgemini Consulting and Sogeti High Tech, “Security in the Internet of Things Survey”, November 2014
N=109
Figure 6: Key Challenges to Securing IoT Products
For Most Organizations,
Security is not the Core
Focus of the IoT Product
Development Process
Securing a product from cyber attacks
is a critical element of the product
development process in an IoT world.
Michael Murray, the Director of GE
Healthcare’s Cyber Security Consulting
and Assessment division highlights this
when he says, “It’s all about building
these sensitive medical systems and
devices with cyber security in mind,
rather than as an afterthought.” Murray’s
team is responsible for overseeing the
development of the company’s remote
patient monitoring, medical imaging and
diagnosis systems right from the design
phase19
.
However, this focus on security can get
lost if organizations rush to launch their
IoT products, prioritizing speed-to-market
over security. Our survey showed that only
48% of companies focus on securing their
IoT products from the beginning of the
product development phase. In addition,
only 36% are working towards modifying
their IoT development process to focus
more on security from the earliest stages
of product design (see “Cyber Insecurity:
Why IoT Product Security Is Lagging”).
Organizations have not
set up Mechanisms to
Remotely Patch Connected
Devices
Connected products need to be updated
regularly for their defenses to be watertight
to existing and emerging threats. If
patches are not updated frequently, the
risk of cybersecurity attacks increases.
Despite this, our survey revealed that
only 49% of organizations provide remote
updates for their IoT devices (see “Cyber
Insecurity: Why IoT Product Security Is
Lagging”).
There are many reasons for this. Since
most IoT products are built using
inexpensive, low-margin chips, chip
manufacturers are not adequately
incentivized to provide patches for
them. At the same time, vendors of IoT
products, unlike PC and smartphone
manufacturers, may not necessarily
have the technical expertise required to
develop patches20
. In some cases, the
issue lies in the absence of channels to
deliver patches remotely, as organizations
rely on users to manually download
and install them. However, consumers
may not be aware of updates or have
the expertise to install them. 67% of
respondents in our survey cited lack of
awareness among consumers regarding
security best practices as a major cause
of security breaches. Despite this, 41%
of respondents reported that they release
updates online and require consumers to
download and install them.
Only 49% of
organizations provide
remote updates for their
IoT devices.
60%
55%
50%
44%
39%
Securing access to the end-point device
Securing the communication channel
Deploying security updates remotely
on the end-point device
Securing data stored locally in the
end-point device
Securing embedded software in
the end-point device
9. 9
35% of respondents cited the shortage of specialized
security experts in their organizations as a key
challenge to securing IoT products.
Most Organizations are
not Focusing on Acquiring
Specialized Security Skills
for their IoT Products
Despite growing awareness about the
risk of cyber attacks, most organizations
are not working towards building
specialized security skill-sets. Securing
an IoT product requires multiple skills
to cover the app, device, infrastructure
and the communication channel. 35%
of respondents in our survey cited the
shortage of specialized security experts in
their organizations as a key challenge to
securing IoT products. Despite this, only
20% reported that their organizations
are hiring IoT security experts in order to
improve security. Companies like Tesla,
however, are exceptions. Tesla hired
Kirstin Baget, a hacking expert with prior
experience in companies such as Apple,
Google, eBay and Microsoft, to lead its
vehicle security team (see Exhibit 1, “Tesla:
Liaising with the Hacker Community to
Develop Secure Connected Cars”).
Most Organizations are
Not Leveraging Third-Party
Support to Accelerate the
Process of Strengthening
Security
Few organizations are taking proactive
steps to strengthen security by partnering
with, or acquiring, specialized security
firms. Our research revealed that only
35% of companies are partnering with
specialized security firms and only 19%
are acquiring specialized security firms
as part of their IoT security strategy
(see “Cyber Insecurity: Why IoT Product
Security Is Lagging”).
Exhibit 1 - Tesla:Liaising with the Hacker
Community to Develop Secure Connected Cars
Tesla Motors, the leading American electric car maker, makes some of the
most digitally advanced cars in the world. Tesla’s cars are equipped with
over-the-air software updates and provide an infotainment screen that can
be used to control everything from navigation to the door locks. But this also
opens up the possibility of Tesla’s cars being vulnerable to cyber attacks.
Making Tesla Sit Up and Take Notice
The possible consequences of cyber hacking for Tesla’s cars were brought
to the fore by two instances involving Tesla’s Model S electric car. In the first,
the owner of a Model S was able to hack into the car’s system and bring
up a non-standard web browser on its infotainment display. In the second,
participants in a Chinese security conference were able to remotely operate
the car’s lights, horn and sunroof.
Courting Hackers to Develop Secure Systems
Tesla’s initiative to make its cars more secure against much more serious
hacks started with the hiring of Kirstin Baget, a hacking expert with prior
experience in companies such as Apple, Google, eBay and Microsoft, to lead
its vehicle security team. Tesla also attended the Def Con, an annual security
conference held in Las Vegas, in order to hire 20 to 30 hackers to develop
security systems for its current and future vehicles.
Tesla is also courting freelance security researchers and hackers. The
company actively encourages people to report vulnerabilities, and offers
factory tours in exchange. So far, 20 confirmed vulnerabilities have been
exposed in this manner. Tesla adds the names of hackers who are able to
successfully point out security flaws to a “Hall of Fame” list on its website.
Source: Wall Street Journal, “Tesla Invites Hackers for a Spin”, August 2014; Jalopnik, “Tesla
Looking To Hire Up To 30 Hackers To Prevent Pwning”, August 2014; CleanTechnica.com, “Tesla
Motors Snags “Hacker Princess” From Apple”, February 2014
Only 48% of companies
focus on securing their
IoT products from the
beginning of the product
development phase.
10. 10
Securing the communication
channel
Deploying security updates remotely
on end-point devices
50%
Securing access to the
end-point device
60% 55%
Only 48%of organizations
focus on securing their IoT
products from the beginning of
the product development phase
Only 49%of organizations
provide remote updates for
their IoT devices
Security is not a Priority While
Developing IoT Products
Organizations have not set up
Mechanisms to Remotely Patch
Connected Devices
Key Challenges to Securing IoT Products: % of respondents
IoT Security is in the Slow Lane
% of respondents: % of respondents:
Ignoring the importance of building
in-house capabilities to secure IoT products
Not exploring external expertise to secure
IoT products
Acquiring specialized
security firms – 19%
Inviting third parties
such as hackers to
identify vulnerabilities in
IoT products – 28%
Hiring IoT security
experts – 20%
Appointing a team to look into the
development of data privacy
policies for IoT products – 35%
Partnering with specialized
security firms – 35%
Increasing IoT R&D spending
on security – 43%
Modifying the IoT product
development process to focus
more on security from the earliest
stages of product design – 36%
Cyber Insecurity: Why IoT Product Security is Lagging
An Expanded Attack Surface Increases the Challenge of Securing IoT Products
11. 11
Gold-Standard Security:Making Security the Core
of the IoT Value Proposition
The results of the risk-
analysis should feed
into the IoT business
plan, so that decisions
on proceeding with
product development
and launch are based on
a strong understanding
of the potential risk
factors.
Organizations should
set up an integrated
team structure for IoT
product development,
comprising business
executives as well as
security specialists.
A significant number of
software vulnerabilities
can be addressed if
organizations adhere to
secure coding standards
and best practices.
Set up an Integrated Team
of Business Executives and
Security Specialists
The first step in securing an IoT system
is to treat security as a fundamental
element of the product value proposition.
This means that product managers and
security specialists must work together
to plan the IoT product roadmap and
conceptualize the defining features and
functionality of the product. To achieve
this, organizations should set up an
integrated team structure for IoT product
development, comprising business
executives as well as security specialists.
This will enable greater collaboration
between business executives and security
specialists and, in turn, help ensure that
business and security considerations
related to IoT product development are
well-balanced.
Integrate Security Best
Practice with the IoT
Product Development
Process
Product Planning Should Begin with
a Detailed Risk Analysis
The IoT product planning process should
begin with a detailed risk analysis so that
organizations have a clear view of the
cyber threat landscape and a firm basis
for choosing the right security features
for their IoT products (see Figure 7).
The analysis should include a study of
disruptive attack scenarios, especially
those arising from new and advanced
types of threats. In addition, organizations
must quantify the financial and non-
financial impact of potential attacks on
the organization as well as end-users.
The results of the risk-analysis should
feed into the IoT business plan, so that
decisions on proceeding with product
development and launch are based on a
strong understanding of the potential risk
factors.
A cybersecurity expert from a leading
European research organization highlighted
the importance of this analysis. “The
technical measures for improving security –
such as authentication and cryptography –
are a second level problem,” he explained.
“The first level is to understand the risks.
Organizations need to know what they
want to protect against and then choose a
solution depending on their analysis.21
”
Embed Security throughout the IoT
Product Design Process
This includes the design, coding, testing
and evaluation:
Secured design. Security mechanisms
must be defined and implemented
in the hardware and software
architecture, during the design
phase of the product. Organizations
must also pay special attention to
the implementation of cryptographic
mechanisms.
Secured coding. A significant
number of software vulnerabilities can
be addressed if organizations adhere
to secure coding standards and
best practices. Specific mechanisms
such as code obfuscation should be
implemented to prevent the reverse
engineering of source code.
Rigorous testing. IoT products
should be subject to stringent
security testing – including application
security testing, functional testing and
penetration testing – for the hardware
as well as software components of
the IoT system.
Security evaluation. As the final
step of securing their IoT products,
organizations should liaise with
specialized third-party security firms
that have an Information Technology
Security Evaluation Facility (ITSEF)a
to
ensure that these products go through
a formal security evaluation process,
such as Common Criteriab
. Such an
evaluation from a certified lab could in
turn enable an organization to obtain
an international security certificate for
its IoT products.
a
An accredited laboratory for security evaluations
b
Common Criteria for Information Technology Security
Evaluation (abbreviated as Common Criteria or CC) is
an international standard for the security evaluation of
computer products and systems
12. 12
Figure 7: Revamp the IoT Product Development Process to Comprehensively Address Security Issues
Source: Capgemini Consulting and Sogeti High Tech Analysis
To prevent cyber
attacks, organizations
must ensure that they
educate consumers
about the correct
security procedures to
be followed while using
an IoT system.
Security
Certification
Risk
Analysis
Secured
Design
Secured
Coding
Rigorous
Testing
Get IoT systems certified
for compliance (ex: IT
security Common Criteria)
Conduct application security
testing, functional testing
and penetration testing
for hardware and
software components
Follow secure coding
best practices to prevent
the creation of security
vulnerabilities in the code
Design hardware
and software to be
secure from the
ground up
Determine security goals
based on an analysis of
disruptive threat scenarios
Educate Consumers as
well as Front Line Staff in
Security Best Practice
Including strong security features is only
one part of securing an IoT product. The
security of an IoT product also depends
on the manner in which it is operated. To
prevent cyber attacks, organizations must
ensure that they educate consumers
about the correct security procedures
to be followed. This includes coaching
on seemingly elementary issues, such
as changing passwords regularly, which
still remains one of the most common
causes of security breaches. A senior
executive at a leading European industrial
manufacturing firm affirmed this view:
“There are ways to counterbalance
new kinds of threats from a technical
standpoint. But that is not enough. It
is also absolutely critical that the right
procedures are laid down to operate a
system. For example, customers need to
change passwords regularly and manage
access control appropriately.22
”
At the same time, organizations must also
train technical support staff so that they
are better able to coach customers on
security issues. An executive at a leading
equipment manufacturer highlighted the
need for such training, saying: “Our front
line function, which is responsible for
maintenance and spare parts, is made up
of old-school technology specialists. They
now need to understand the security
features of our connected equipment
so that they can respond to customer
queries on security issues.23
”
13. 13
Privacy policies should be readily accessible to
consumers and easy to understand.
Address Privacy Concerns
with Transparent Privacy
Policies
To protect consumers from potential data
privacy breaches, organizations must
develop privacy policies that clearly detail
how data from IoT devices is collected
and used. Privacy policies should be
readily accessible to consumers and easy
to understand. Further, guidelines for
opting into a service (or opting out) should
be clearly described so that consumers
can make informed choices about sharing
data. In a post-Snowden world, where
consumers are growing increasingly
concerned about data privacy issues, a
transparent privacy policy can be a key
differentiator for an organization, signaling
its commitment to protecting the interests
of consumers.
While few organizations today seem
to recognize security as a source of
competitive advantage in the IoT world,
BlackBerry is a notable exception. The
smartphone manufacturer is aiming to
establishitselfasaleaderintheIoTmarket,
based on the platform of security (see
Exhibit 2, “BlackBerry: Making Security
the Foundation of an IoT Offering”).
Cyber attacks are a grim reality in an
increasingly connected world. However,
despite mounting evidence of the
potential human and material impact of
such attacks, organizations have not yet
trained all their guns on security threats.
Building a secure IoT system begins with
the recognition that security needs to be
as much of a priority as the features and
functionality of an IoT product.
As the world economy struggles to
escape from stagnation and slowing
growth levels, the IoT is a massive
opportunity for organizations to achieve
new levels of efficiency and to develop
innovative new services and products.
However, like Achilles, whose strength
was compromised by one telling
vulnerability, organizations must act on
IoT security. Organizations that recognize
this imperative are the ones who will lead
this new IoT revolution.
Exhibit 2 - BlackBerry:Making Security the
Foundation of an IoT Offering
BlackBerry, the once-iconic smartphone manufacturer, is betting on IoT to
script a turnaround story. A major part of BlackBerry’s transformation strategy
involves leveraging its strengths in network security to become a leader in
the IoT market. BlackBerry aims to achieve this by building an IoT platform
that allows its customers to develop secure IoT applications. BlackBerry’s IoT
platform will provide various device management features that include over-
the-air software updates. It is built on the “Project Ion” initiative that BlackBerry
launched in May 2014 and leverages technologies that have made BlackBerry
a leader in mobile data security and embedded systems. BlackBerry plans to
initially target the shipping and automotive sectors with its platform. In future, it
plans to extend the platform to other industry verticals such as healthcare and
energy.
Project Ion:Laying the Foundation of a Secure IoT Platform
BlackBerry’s Project Ion initiative comprises multiple efforts designed to
promote the development of the IoT. This includes a secure application platform
to gather data from across a range of devices and operating environments, and
building relationships between partners, carriers and application developers. It
also aims at building strategic partnerships with industry organizations such as
the Industrial Internet Consortium and the Applications Developers Alliance.
QNX Systems:Bringing the Expertise in Embedded Software
QNX, bought by BlackBerry in 2010, is an operating system for embedded
devices. QNX already powers mission-critical systems in cars, industrial
applications and medical devices. It has a market share of more than 50% in
the infotainment market and more than 50 million vehicles use QNX. In addition
to infotainment systems, QNX also powers the “H Box” - a device used to
capture and transmit secure medical data between patients, doctors and
healthcare providers.
Source: Financial Post, “How BlackBerry can become the Google or Twitter of the Internet of Things”,
August 2014; BlackBerry Website; Forbes, “A Look At BlackBerry’s Internet of Things Strategy”,
January 2015; Techcrunch, “BlackBerry Reveals Project Ion, Its QNX-Powered Effort To Underpin
The Internet Of Things”, May 2014; Forbes, “A Look At BlackBerry’s Internet of Things Strategy”,
January 2015
14. 14
Research Methodology
Capgemini Consulting and Sogeti High Tech conducted extensive research to understand the current state of security for
IoT products. The research spanned two areas: the main survey concerning the security of the IoT and a benchmarking
assessment of organizations’ privacy policies. We surveyed more than 100 large enterprises and startups, interviewed
industry executives and cybersecurity experts, and evaluated the data privacy policies governing the use of IoT devices in
100 organizations.
The Security of the IoT Survey
The survey was conducted in November 2014 and covered more than 100 industry executives involved in the development
of IoT products. Survey respondents came from a range of industry segments, including Wearables, Medical Devices,
Automotive, Home Automation, Smart Metering, and Industrial Manufacturing. The survey focused on gathering opinions
on the following areas – the current levels of security in IoT products, key challenges that organizations face in securing
their IoT products, and the approach to securing IoT products.
Survey Demographics
Privacy Policy Benchmarking Assessment
We researched the IoT data privacy policies of 100 companies across the Wearables, Medical Devices, Automotive, and
Home Automation segments. We evaluated the policies based on the level of transparency that they provided to users on
the manner in which data from IoT devices was collected, used and shared with third parties.
Wearables
Medical Devices
Automotive
Home Automation
Industrial
Manufacturing
Smart Metering
Europe
USA
APAC
Region-wise Distribution of Respondents Industry-wise Distribution of Respondents
18%
19%
16%
20%
14%
13%
4%
58%
38%
15. 1515
About the Capgemini Cybersecurity Service Line
Capgemini and Sogeti are experts in IT infrastructure and application integration. Together, we offer a complete range
of cybersecurity services to guide and secure the digital transformation of companies and administrations. Our 2,500
professional employees support you in defining and implementing your cybersecurity strategies. We protect your IT and
industrial systems, and the Internet of Things (IoT) products & systems. We have the resources to strengthen your defenses,
optimize your investments and control your risks. They include our security experts (Infrastructures, Applications, Endpoints,
Identity and Access Management), and our R&D team that specializes in malware analysis and forensics. We have ethical
hackers, five multi-tenant security operation centers (SOC) around the world, an Information Technology Security Evaluation
Facility, and we are a global leader in the field of testing.
16. 16
1 Capgemini Consulting, “The Internet of Things: Are Organizations Ready For A Multi-Trillion Dollar Prize?”, May 2014
2 Bloomberg, “Target’s Data Breach: The Largest Retail Hack in U.S. History”, May 2014
3 ComputerWorld, “Target attack shows danger of remotely accessible HVAC systems”, February 2014
4 The Economist, “Home, hacked home: The perils of connected devices”, July 2014
5 Gartner.com, “Gartner Says the Internet of Things Installed Base Will Grow to 26 Billion Units By 2020”, December 2013
6 Pew Research Center, “Digital Life in 2025: Cyber Attacks Likely to Increase”, October 2014
7 Capgemini Consulting and Sogeti High Tech Interview
8 Capgemini Consulting and Sogeti High Tech Interview
9 Washington Post, “Data breach hits Target’s profits, but that’s only the tip of the iceberg”, February 2014
10 LinkedIn.com, “Berg Insight says 3.0 million patients worldwide are remotely monitored”, 2014
11 HP.com, “HP Study Reveals 70 Percent of Internet of Things Devices Vulnerable to Attack”, July 2014
12 Forbes.com, “Zubie: This Car Safety Tool ‘Could Have Given Hackers Control Of Your Vehicle’”, July 2014
13 FTC.gov, Federal Trade Commission, “Marketer of Internet-Connected Home Security Video Cameras Settles FTC Charges It
Failed to Protect Consumers’ Privacy”, September 2013
14 CIO Today, “Internet of Things Growing Despite Privacy, Security Concerns”, December 2014
15 AliveCor.com, “AliveCor Privacy Notice”, September 2014
16 Automatic.com, “Terms of Service” (as on October 10th, 2014)
17 Fitbit.com, “Fitbit Privacy Policy”, August 2014
18 Capgemini Consulting and Sogeti High Tech Interview
19 InformationWeek Dark Reading, “Hiring Hackers To Secure The Internet Of Things”, December 2014
20 Wired.com, “The Internet of Things Is Wildly Insecure — And Often Unpatchable”, January 2014
21 Capgemini Consulting and Sogeti High Tech Interview
22 Capgemini Consulting and Sogeti High Tech Interview
23 Capgemini Consulting and Sogeti High Tech Interview
References