IoT and Security - Information Management Today

Open-Source Oversight: Security Gaps in IoT and OT Devices

Data Breach Today

DECEMBER 11, 2023

Dashevskyi and La Spina of Forescout Technologies on IoT and OT Security Practices Previous studies on IoT and OT devices have primarily focused on internal components, neglecting open-source components that are crucial for internet and network connectivity, according to Stanislav Dashevskyi and Francesco La Spina, security researchers at Forescout (..)

IoT

IoT Security

Consumer IoT Security Labels: Transparency Push Intensifies

Data Breach Today

OCTOBER 25, 2023

Vendors Want 'Clear, Consistent and Actionable Information' for Device Security Essential, real-time security information about every Internet of Things device should be clearly communicated to consumers before and after purchase, a consortium of technology vendors says in a list of IoT security principles, which recommend the use of "live labels." (..)

IoT

IoT Security Communications

Cinterion IoT Cellular Modules Vulnerable to SMS Compromise

Data Breach Today

MAY 13, 2024

Modules Widely Deployed in Manufacturing, Telecommunications and Healthcare Devices Multiple types of Telit Cinterion cellular modules for IoT and machine-to-machine devices, which are widely used across industrial, financial services, telecommunications and healthcare environments, are vulnerable to being remotely compromised via malicious SMS messages, (..)

IoT

IoT Financial Services Manufacturing Security

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

The Last Watchdog

DECEMBER 17, 2023

The Internet of Things ( IoT ) is on the threshold of ascending to become the Internet of Everything ( IoE.) I had the chance to visit with Thomas Rosteck, Infineon’s Division President of Connected Secure Systems (CSS.) Infineon supplies semiconductors embedded in smart systems, most notably in automotive, power and IoT.

IoT

IoT Cloud Authentication Manufacturing

Forescout CEO on Navigating OT, IoT Threats in Cybersecurity

Data Breach Today

APRIL 29, 2024

Barry Mainz Discusses Asset Visibility, Security and Risk Management Outside IT Forescout CEO Barry Mainz highlights the growing risks associated with OT and IoT devices and how cybersecurity strategies must evolve to address these challenges.

IoT

IoT Cybersecurity Risk Security

How Amazon and Walmart Could Fix IoT Security

Data Breach Today

JUNE 26, 2020

Bruce Schneier Says Pressure on Retailers Could Fix Insecure IoT Supply Chains IoT devices can be made cheaply and quickly. But as a result, they may lack adequate security features.

IoT

IoT Retail Security

Secure by Design: UK Enforces IoT Device Cybersecurity Rules

Data Breach Today

APRIL 29, 2024

Law Bans Universal Default Passwords; Requires Bug-Reporting Channels, Update Plan Say goodbye to buying internet of things devices in Britain with a default or hardcoded password set to "12345," as the country has banned manufacturers from shipping internet-connected and network-connected devices that don't comply with minimum cybersecurity standards. (..)

Cybersecurity

Cybersecurity IoT Manufacturing Passwords

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. Related: The need for supply chain security This is to be expected. After all, government mandates combined with industry standards are the twin towers of public safety.

IoT

IoT Security Manufacturing Cybersecurity

IoT Security Dangers Loom as Office Workers Return

Data Breach Today

JULY 24, 2021

This is particularly true of IoT devices, as many have been left unprotected for months. Researchers: Home and Office Connected Devices Vulnerable to Attack With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have a huge task before them to ensure their work environment is safe.

IoT

IoT Security Cybersecurity

Managing Legacy Medical, OT, IoT Device Risk in Healthcare

Data Breach Today

JULY 26, 2023

While patient safety risks posed by unpatched security vulnerabilities in legacy medical devices often grab headlines, healthcare entities shouldn't underestimate the serious business risks involving other poorly secured IoT and OT gear used in healthcare settings, said Mohammad Waqas of Armis.

IoT

IoT Risk Security

Survey: Security Concerns Slow Down IoT Deployments

Data Breach Today

JUNE 3, 2020

Preventing Ransomware and Other Malware Attacks Is Top of Mind for Enterprises Worries over ransomware and malware are slowing down enterprise IoT deployments, which is a reflection of the reputational and customer relationship risks at stake, according to a new survey.

IoT

IoT Security Ransomware Risk

Exploring the Boundless Possibilities of IoT: Connecting the World Through Smart Devices

Data Breach Today

SEPTEMBER 5, 2023

Claro Enterprise Solutions' Kelly Rein on the Role of IoT Devices, AI-Based Video Scanning in Security Historically, IT and physical security teams have served in separate areas, but that is changing due to emerging threats such as a drone that landed on a firm's roof to steal data.

IoT

IoT Security IT

Analysis: Keeping IoT Devices Secure

Data Breach Today

JUNE 26, 2020

This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity?

IoT

IoT Security

ISMG Editors: Emerging AI Tech for Cloud Security in 2024

Data Breach Today

JANUARY 26, 2024

Payments Expert Troy Leach Joins the Panel to Cover AI, Zero Trust and IoT Security In the latest weekly update, Troy Leach, CSO at Cloud Security Alliance, joins three editors at ISMG to discuss important cybersecurity issues, including how generative AI is enhancing multi-cloud security, AI's influence on authentication processes, and the state of (..)

Cloud

Cloud IoT Security Authentication

New Report on IoT Security

Schneier on Security

SEPTEMBER 28, 2022

The Atlantic Council has published a report on securing the Internet of Things: “Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem.”

IoT

IoT Security Mining Manufacturing

New Online Platform Coordinates IoT Bug Reports

Data Breach Today

OCTOBER 27, 2020

VulnerableThings.com Seeks to Improve Bug Reporting for Connected Devices A new online platform called VulnerableThings.com is aiming to become the go-to place for reporting and viewing reports on software flaws in IoT devices.

IoT

IoT Security

More Than 1,000 IoT Security Guidelines: Which One to Use?

Data Breach Today

JULY 7, 2020

Study Suggests Actionable Recommendations Would Improve IoT Security With more than 1,000 IoT security guidelines, recommendations and best practices, which ones should an organization follow?

IoT

IoT Manufacturing Security

Singapore Launches IoT Cybersecurity Labelling

Data Breach Today

OCTOBER 16, 2020

Labels Will Indicate What Security Standards Products Meet Singapore has launched an IoT cybersecurity labelling program intended to improve the baseline security of internet-connected consumer products. The program is voluntary, but Singapore eventually intends to make it mandatory.

IoT

IoT Cybersecurity Security IT

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

The assault came from “ Meris ,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Cloudflare recently wrote about its attack , which clocked in at 17.2 In its Aug. Image: Qrator.

IoT

IoT Manufacturing IT Security

The Role of 'Prosilience' in IoT Security

Data Breach Today

MARCH 15, 2019

The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service."

IoT

IoT Security GDPR

Gartner on Enterprise IoT: Segment and Isolate Everything

Data Breach Today

MARCH 24, 2021

Tim Zimmerman Says Organizations Need IoT Security Policies What's that IoT device on your network? That's why Gartner analyst Tim Zimmerman says enterprises need to create IoT security policies and governance rules to reduce risk. A lot of organizations may not know.

IoT

IoT Risk Government Security

Netskope CEO Sanjay Beri on Pushing Into SD-WAN, IoT Defense

Data Breach Today

SEPTEMBER 13, 2022

How Endpoint DLP and IoT Security Tools Strengthen Netskope's SASE Platform Netskope has built out a full SASE stack and helped enterprises secure their physical devices through the recent acquisitions of Infiot and WootCloud.

IoT

IoT Cloud Security

2019 IoT Security Outlook

Data Breach Today

DECEMBER 20, 2018

DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings.

IoT

IoT Security

How IoT Changes Security

Data Breach Today

JULY 11, 2018

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene.

IoT

IoT Security

Federal IoT Guidelines Move Closer to Becoming Law

Data Breach Today

SEPTEMBER 30, 2020

IoT Products Would Have to Meet Minimum Security Requirements for Use by Government Legislation that establishes minimum security standards for IoT devices procured by the federal government is moving closer to becoming law.

IoT

IoT Government Security

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. Now for the big challenge - security. I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's dive into it.

IoT

IoT Security Risk Cloud

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

The Security Ledger

MAY 13, 2023

In this episode of the podcast, I speak with Window Snyder, the founder and CEO of Thistle Technologies about the (many) security challenges facing Internet of Things (IoT) devices and her idea for making things better: Thistle’s platform for secure development and deployment of IoT devices. Read the whole entry. »

IoT

IoT Security Authentication IT

Researchers Spot Critical Security Flaw in Bosch Thermostats

Data Breach Today

JANUARY 15, 2024

Bitdefender Finds Vulnerability in Popular IoT Device Thermostats sold across the globe by German multinational engineering company Bosch contained a flaw allowing hackers to cut power to the heating system and override the firmware, warn researchers from cybersecurity firm Bitdefender. Bosch pushed an over-the-air update in October.

IoT

IoT Security Cybersecurity

FireEye, CISA Warn of Critical IoT Device Vulnerability

Data Breach Today

AUGUST 17, 2021

Researchers: Kalay Protocol Flaw Could Affect Millions of Connected Devices FireEye researchers and CISA are warning about a critical vulnerability that could allow an attacker to gain remote access to compromised IoT devices, such as connected security cameras, according to a report.

IoT

IoT Access Security

Key Developments in IoT Security

Thales Cloud Protection & Licensing

JULY 15, 2021

Key Developments in IoT Security. Remember the early days of the emergence of Internet of Things (IoT) devices? The rush to market for consumers to enjoy the modern conveniences offered by these devices shocked the security community. Security experts were concerned that these devices were built with no security in mind.

IoT

IoT Security Data Privacy Encryption

New Fido Protocol Simplifies IoT Device Onboarding

Data Breach Today

APRIL 22, 2021

Standard Designed to Cut the Cost and Time to Securely Connect IoT Devices The Fido Alliance, an association that has developed voluntary authentication standards with a goal of minimizing the use of passwords, has launched an onboarding protocol for IoT devices that's designed to enhance security.

IoT

IoT Authentication Passwords Security

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

NOVEMBER 9, 2020

The Internet of Things (IoT) has come a long, long way since precocious students at Carnegie Melon University installed micro-switches inside of a Coca-Cola vending machine so they could remotely check on the temperature and availability of their favorite beverages. Related: Companies sustain damage from IoT attacks That was back in 1982.

IoT

IoT Passwords Artificial Intelligence Risk

IoT Security: 20 Years Behind Enterprise Computing

Data Breach Today

NOVEMBER 19, 2019

While IoT devices are entering enterprises at a rapid pace, the security practices around them are as much as 20 years behind those for enterprise computing, says Sean Peasley of Deloitte, who outlines steps organizations can take to ensure safe IoT computing.

IoT

IoT Security

An Attacker's IoT Paradise: Billions of Insecure Devices

Data Breach Today

JULY 30, 2020

Trend Micro Envisions Maturing IoT Attacker Business Models The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market.

IoT

IoT Marketing Security

D-Link Settles With FTC Over Alleged IoT Security Failures

Data Breach Today

JULY 3, 2019

Proposed Settlement Requires D-Link to Bolster Security Program D-Link has reached a proposed settlement with the U.S. Federal Trade Commission, which alleged the IoT device developer left consumers vulnerable to hackers through inadequate security practices.

IoT

IoT Security

Coming Soon: 'Trust Mark' Certification for IoT Devices

Data Breach Today

JUNE 18, 2020

Program, Which Could Become Global, Designed to Evaluate Security of Connected Devices An Australian IoT alliance is developing a certification program designed to raise security standards for connected device manufacturers and give consumers more confidence that they're buying secure devices.

IoT

IoT Manufacturing Security

Singapore Expands Consumer IoT Labelling

Data Breach Today

JANUARY 28, 2021

Now Included: IP Cameras, Smart Door Locks, Lights and Printers Singapore is expanding a labelling program that allows buyers to see at a glance the cybersecurity readiness of a consumer IoT device. The country's Cyber Security Agency will extend the voluntary program to IP cameras as well as smart door locks, lights and printers.

IoT

IoT Cybersecurity Security

The Time Is Now for IoT Security Standards

Dark Reading

AUGUST 11, 2022

Industry standards would provide predictable and understandable IoT security frameworks.

IoT

IoT Security

Insight Partners' Latest Purchase: IoT Security Firm Armis

Data Breach Today

JANUARY 7, 2020

Private Equity Firm Expects to Close Deal in February Private equity firm Insight Partners plans to acquire yet another security company: This time it's IoT security startup Armis. Find out the substantial value of the all-cash deal.

IoT

IoT Security IT

Fixing IoT Leaks with Hardware Security

Data Breach Today

SEPTEMBER 9, 2019

Brian Romansky of Owl Cyber Defense Discusses the Role of Data Diodes Data diodes provide a way to control data flows in IoT devices, says Brian Romansky of Owl Cyber Defense, who describes "unhackable" hardware.

IoT

IoT Security

Firedome Integrates With Microsoft Defender for IoT to Enhance IoT Device Security, Using Microsoft Sentinel

Dark Reading

JULY 12, 2023

Firedome's on device real-time detection, prevention and response along with Microsoft Defender for IoT cloud-based security provides a holistic view of IoT attacks for the first time.

IoT

IoT Security Cloud

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. A Webcam made by HiChip that includes the iLnkP2P software.

IoT

IoT Manufacturing Passwords Computer and Electronics

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT Mining Manufacturing Education

'Heh' Botnet Targets Telnet on IoT Devices

Data Breach Today

OCTOBER 7, 2020

Researchers Say Bot Code Could Wipe Disks Clean Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices.

IoT

IoT Security

Open-Source Oversight: Security Gaps in IoT and OT Devices

Consumer IoT Security Labels: Transparency Push Intensifies

Webinars

Trending Sources

Cinterion IoT Cellular Modules Vulnerable to SMS Compromise

Webinars

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

Forescout CEO on Navigating OT, IoT Threats in Cybersecurity

How Amazon and Walmart Could Fix IoT Security

Secure by Design: UK Enforces IoT Device Cybersecurity Rules

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

IoT Security Dangers Loom as Office Workers Return

Managing Legacy Medical, OT, IoT Device Risk in Healthcare

Survey: Security Concerns Slow Down IoT Deployments

Exploring the Boundless Possibilities of IoT: Connecting the World Through Smart Devices

Analysis: Keeping IoT Devices Secure

ISMG Editors: Emerging AI Tech for Cloud Security in 2024

New Report on IoT Security

New Online Platform Coordinates IoT Bug Reports

More Than 1,000 IoT Security Guidelines: Which One to Use?

Singapore Launches IoT Cybersecurity Labelling

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

The Role of 'Prosilience' in IoT Security

Gartner on Enterprise IoT: Segment and Isolate Everything

Netskope CEO Sanjay Beri on Pushing Into SD-WAN, IoT Defense

2019 IoT Security Outlook

How IoT Changes Security

Federal IoT Guidelines Move Closer to Becoming Law

IoT Unravelled Part 3: Security

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

Researchers Spot Critical Security Flaw in Bosch Thermostats

FireEye, CISA Warn of Critical IoT Device Vulnerability

Key Developments in IoT Security

New Fido Protocol Simplifies IoT Device Onboarding

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

IoT Security: 20 Years Behind Enterprise Computing

An Attacker's IoT Paradise: Billions of Insecure Devices

D-Link Settles With FTC Over Alleged IoT Security Failures

Coming Soon: 'Trust Mark' Certification for IoT Devices

Singapore Expands Consumer IoT Labelling

The Time Is Now for IoT Security Standards

Insight Partners' Latest Purchase: IoT Security Firm Armis

Fixing IoT Leaks with Hardware Security

Firedome Integrates With Microsoft Defender for IoT to Enhance IoT Device Security, Using Microsoft Sentinel

P2P Weakness Exposes Millions of IoT Devices

Updated Kmsdx botnet targets IoT devices

'Heh' Botnet Targets Telnet on IoT Devices

Stay Connected