The document discusses contextual cybersecurity for internet of things (IoT) devices. It notes that current networks focus on secure data transmission but endpoints like IoT devices are often insecure. Compliance checklists for security are also frequently vague. The presentation emphasizes taking a risk-based approach to cybersecurity that considers vulnerabilities and threats across different access levels from physical devices to organizational knowledge. It advocates for security measures that are aware of contextual information and relationships between humans, information, and technology in the system.
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Contextual Cyber Security for IoT
1. Co-funded by the
European Union
Management Of Networked IoT Wearables – Very Large Scale
Demonstration of Cultural Societal Applications
Contextual Cyber Security for IoT
Fraunhofer Innovation Days
Dr. David Lund
5. Current Networks
Secure Pipes – Insecure Endpoints
Reliance on Physical Security
End 2 End security often overlays
lower layer security creating
overhead and increasing
vulnerability
8. Compliance Checklists often driven by vague standards
• Have you…
• Defined a security plan e.g.
• implement a Firewall, blocking x,y,z
• patch all windows xp machines
• put up a poster warning of electric shock
9. Compliance Checklists often driven by vague standards
• Have you…
• Defined a security plan
• E.g.
• implement a Firewall, blocking x,y,z
• patch all windows xp machines
• put up a poster warning of electric shock
• Implemented it
• Yes,
• Yes
• Yes
10. Compliance Checklists often driven by vague standards
• Have you…
• Defined a security plan
• E.g.
• implement a Firewall, blocking x,y,z
• patch all windows xp machines
• put up a poster warning of electric shock
• Implemented it
• Yes,
• Yes
• Yes
It’s Friday afternoon so I can go
home happy that I’ve done what I
need to do, and therefore
everything is safe
12. Don’t forget humans
• As assets
• Rich and valuable information
• As vulnerabilities
• How stupid are we?
• There is always a human with access!
13. Don’t forget humans
• As assets
• Rich and valuable information
• As vulnerabilities
• How stupid are we?
• There is always a human with access !
• As threats
• I’ve a business to run, and I have competitors
• Information is valuable to my business !!
14. Don’t forget humans
• As assets
• Rich and valuable information
• As vulnerabilities
• How stupid are we?
• There is always a human with access !
• As threats
• I’ve a business to run, and I have competitors
• Information is valuable to my business !!
15. Don’t forget humans
• As assets
• Rich and valuable information
• As vulnerabilities
• How stupid are we?
• There is always a human with access !
• As threats
• I’ve a business to run, and I have competitors
• Information is valuable to my business !!
16. RISK gives context !
So how do we minimise risk and maximise opportunity ??
17. • Characterization of key assets
• Investigate known threats
• Identify vulnerabilities
• Impact analysis of threats
• Capability and likelihood
17
Cyber Risk Assessment
Asset
Characterization
Threat
Characterization
Vulnerability
Assessment
Consequence
Assessment
Managing Threat
Assessment
SecurityOperator
ConsultandInform Sharing information with others-
physical and logistics
Continuous Monitoring
Threat Likelihood
Assessment
Contextual Risk based approach
18. Physical Access
IT Physical /
Virtual
Component
Access
Information
Personal
Information /
Knowledge
Organisation
Knowledge
Risk Cascade
19. Physical Access
IT Physical /
Virtual
Component
Access
Information
Personal
Information /
Knowledge
Organisation
Knowledge
My laptop is hacked…
Risk Cascade
20. Physical Access
IT Physical /
Virtual
Component
Access
Information
Personal
Information /
Knowledge
Organisation
Knowledge
Information
that’s
important to
my business
is now at risk
Risk Cascade
21. Physical Access
IT Physical /
Virtual
Component
Access
Information
Personal
Information /
Knowledge
Organisation
Knowledge
Knowledge gives the context
Risk Cascade
22. Physical Access
IT Physical /
Virtual
Component
Access
Information
Personal
Information /
Knowledge
Organisation
Knowledge
Technology should be
aware of the context
Risk Cascade
23. Who Trusts Who ?
Human
Interaction Social Business
Information
Comms
Protocols
Networks
Agents
Virtualisation
Metal
Human
Interaction Social Business
Information
Comms
Protocols
Networks
Agents
Virtualisation
Metal
https://www.techuk.org/insights/reports/item/6008-5g-innovation-opportunities-a-discussion-paper
26. Thanks for your attention
All rights reserved.
All copyright for this presentation are owned in full by the MONICA Project.
Permission is granted to print material published in this presentation for personal use only. Its
use for any other purpose, and in particular its commercial use or distribution, is strictly
forbidden in the absence of prior written approval.
MONICA has received funding from the European Union’s Horizon 2020 Framework
Programme for Research and Innovation under Grant Agreement No 732350.
Possible inaccuracies of information are under the responsibility of the project. This
presentation reflects solely the views of its authors. The European Commission is not liable for
any use that may be made of the information contained therein.
Please see us here: www.monica-project.eu
www.psc-europe.eu
Next Conference
Madrid 14-16, November 2017
www.hwcomms.com