How to Tame IoT’s Frankenstein-like Security Monster

Episode 29

It’s difficult enough to manage network security, web security, application security or mobile security, but when they all come together you have the Frankenstein-like monster called IoT security. And when they all come together you have the unique challenges of security system security too – welcome to IoT. In this episode of the IoT Business Show, I speak with Daniel Miessler about the top security risks facing IoT and how to mitigate them. This is part one of a two-part interview.

Daniel is the Principal Architect with HP Fortify and has over 15 years of information security experience across the network, web, mobile, and IoT spaces. In the last 10 years his specialty has been in penetration testing. His current focus is on standardizing security testing for IoT, and he is the creator and leader of the OWASP IoT Project.

The fear mongering that we read in the press about IoT security is disturbing. I understand it’s important as clickbait and yes, it may get bad or even really bad, but as with everything, we will overcome these challenges, and as with all other types of computing security, we’ll tame and manage it. It’ll never be completely under control, but that’s the nature of the cat-and-mouse game that’s part of our reality. Listen to this interview for a sobering but sober take on IoT security.

Here’s What We’ll Cover in this Episode

  • The security metrics of availability, integrity and confidentiality.
  • The importance of authentication and authorization frameworks.
  • The importance of lockout and password policy.
  • How bad actors use harvesting.
  • The importance of encrypted data and their endpoints.
  • Why actual encryption is not generally the problem with encryption.
  • The idea of adjustable standards based on a risk tolerance.
  • The importance of security update systems.


What do you think the top issue is in IoT security?