SlideShare uma empresa Scribd logo

Contextual Cyber Security for IoT

MONICA-Project
MONICA-Project

The document discusses contextual cybersecurity for internet of things (IoT) devices. It notes that current networks focus on secure data transmission but endpoints like IoT devices are often insecure. Compliance checklists for security are also frequently vague. The presentation emphasizes taking a risk-based approach to cybersecurity that considers vulnerabilities and threats across different access levels from physical devices to organizational knowledge. It advocates for security measures that are aware of contextual information and relationships between humans, information, and technology in the system.

Internet
1 de 26
Baixar para ler offline
Co-funded by the European Union Management Of Networked IoT Wearables – Very Large Scale Demonstration of Cultural Societal Applications Contextual Cyber Security for IoT Fraunhofer Innovation Days Dr. David Lund
Contextual Cyber Security for IoT Dr David Lund, Head of Research & Development, HW Communications Data Security manager, MONICA Project Board Member, Public Safety Communication Europe Forum © HW Communications Ltd 2012
‘Things’ that we put on the internet
Current Networks Secure Pipes – Insecure Endpoints
Current Networks Secure Pipes – Insecure Endpoints Reliance on Physical Security End 2 End security often overlays lower layer security creating overhead and increasing vulnerability
More devices or more degrees of freedom
More devices or more degrees of freedom
Compliance Checklists often driven by vague standards • Have you… • Defined a security plan e.g. • implement a Firewall, blocking x,y,z • patch all windows xp machines • put up a poster warning of electric shock
Compliance Checklists often driven by vague standards • Have you… • Defined a security plan • E.g. • implement a Firewall, blocking x,y,z • patch all windows xp machines • put up a poster warning of electric shock • Implemented it • Yes, • Yes • Yes
Compliance Checklists often driven by vague standards • Have you… • Defined a security plan • E.g. • implement a Firewall, blocking x,y,z • patch all windows xp machines • put up a poster warning of electric shock • Implemented it • Yes, • Yes • Yes It’s Friday afternoon so I can go home happy that I’ve done what I need to do, and therefore everything is safe
Don’t forget humans • As assets • Rich and valuable information
Don’t forget humans • As assets • Rich and valuable information • As vulnerabilities • How stupid are we? • There is always a human with access!
Don’t forget humans • As assets • Rich and valuable information • As vulnerabilities • How stupid are we? • There is always a human with access ! • As threats • I’ve a business to run, and I have competitors • Information is valuable to my business !!
Don’t forget humans • As assets • Rich and valuable information • As vulnerabilities • How stupid are we? • There is always a human with access ! • As threats • I’ve a business to run, and I have competitors • Information is valuable to my business !!
Don’t forget humans • As assets • Rich and valuable information • As vulnerabilities • How stupid are we? • There is always a human with access ! • As threats • I’ve a business to run, and I have competitors • Information is valuable to my business !!
RISK gives context ! So how do we minimise risk and maximise opportunity ??
• Characterization of key assets • Investigate known threats • Identify vulnerabilities • Impact analysis of threats • Capability and likelihood 17 Cyber Risk Assessment Asset Characterization Threat Characterization Vulnerability Assessment Consequence Assessment Managing Threat Assessment SecurityOperator ConsultandInform Sharing information with others- physical and logistics Continuous Monitoring Threat Likelihood Assessment Contextual Risk based approach
Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge Risk Cascade
Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge My laptop is hacked… Risk Cascade
Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge Information that’s important to my business is now at risk Risk Cascade
Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge Knowledge gives the context Risk Cascade
Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge Technology should be aware of the context Risk Cascade
Who Trusts Who ? Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal https://www.techuk.org/insights/reports/item/6008-5g-innovation-opportunities-a-discussion-paper
Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal https://www.techuk.org/insights/reports/item/6008-5g-innovation-opportunities-a-discussion-paper Who Trusts Who ?
Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal https://www.techuk.org/insights/reports/item/6008-5g-innovation-opportunities-a-discussion-paper Who Trusts Who ?
Thanks for your attention All rights reserved. All copyright for this presentation are owned in full by the MONICA Project. Permission is granted to print material published in this presentation for personal use only. Its use for any other purpose, and in particular its commercial use or distribution, is strictly forbidden in the absence of prior written approval. MONICA has received funding from the European Union’s Horizon 2020 Framework Programme for Research and Innovation under Grant Agreement No 732350. Possible inaccuracies of information are under the responsibility of the project. This presentation reflects solely the views of its authors. The European Commission is not liable for any use that may be made of the information contained therein. Please see us here: www.monica-project.eu www.psc-europe.eu Next Conference Madrid 14-16, November 2017 www.hwcomms.com

Recomendados

IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...CableLabs
 
IoT security patterns
IoT security patterns IoT security patterns
IoT security patterns Exosite
 
Security issues and solutions : IoT
Security issues and solutions : IoTSecurity issues and solutions : IoT
Security issues and solutions : IoTJinia Bhowmik
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSomasundaram Jambunathan
 
Automatski - The Internet of Things - Privacy in IoT
Automatski - The Internet of Things - Privacy in IoTAutomatski - The Internet of Things - Privacy in IoT
Automatski - The Internet of Things - Privacy in IoTautomatskicorporation
 
Security and Privacy Issues in IoT Environment
Security and Privacy Issues in IoT EnvironmentSecurity and Privacy Issues in IoT Environment
Security and Privacy Issues in IoT EnvironmentDr. Amarjeet Singh
 
IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015Hildebrand Technology
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 

Recomendados

IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...CableLabs
 
IoT security patterns
IoT security patterns IoT security patterns
IoT security patterns Exosite
 
Security issues and solutions : IoT
Security issues and solutions : IoTSecurity issues and solutions : IoT
Security issues and solutions : IoTJinia Bhowmik
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSomasundaram Jambunathan
 
Automatski - The Internet of Things - Privacy in IoT
Automatski - The Internet of Things - Privacy in IoTAutomatski - The Internet of Things - Privacy in IoT
Automatski - The Internet of Things - Privacy in IoTautomatskicorporation
 
Security and Privacy Issues in IoT Environment
Security and Privacy Issues in IoT EnvironmentSecurity and Privacy Issues in IoT Environment
Security and Privacy Issues in IoT EnvironmentDr. Amarjeet Singh
 
IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015Hildebrand Technology
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
5 phases of IoT
5 phases of IoT5 phases of IoT
5 phases of IoTExosite
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
 
The Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security IssuesThe Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security IssuesEuropean Union Agency for Network and Information Security (ENISA)
 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)SecPod Technologies
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of thingsMonika Keerthi
 
Internet & iot security
Internet & iot securityInternet & iot security
Internet & iot securityUsman Anjum
 
IoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructuresIoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructuresUITSEC Teknoloji A.Ş.
 
Internet of things
Internet of thingsInternet of things
Internet of thingsvarungoyal98
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issuesAnastasios Economides
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
Iot security amar prusty
Iot security amar prustyIot security amar prusty
Iot security amar prustyamarprusty
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...ClicTest
 
Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkClearnetwork
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceCigdem Sengul
 
Iot cyber security
Iot cyber securityIot cyber security
Iot cyber securitysajid mehmood
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
IOT Security - ICCT College of Engineering
IOT Security - ICCT College of EngineeringIOT Security - ICCT College of Engineering
IOT Security - ICCT College of EngineeringPotato
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at ScaleWinston Morton
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesDenim Group
 
IOT Security
IOT SecurityIOT Security
IOT SecuritySylvain Martinez
 
What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...James Mulhern
 
IT Security Awareness - How to?
IT Security Awareness - How to?IT Security Awareness - How to?
IT Security Awareness - How to?Narinrit Prem-apiwathanokul
 

Mais conteúdo relacionado

Mais procurados

5 phases of IoT
5 phases of IoT5 phases of IoT
5 phases of IoTExosite
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)SecPod Technologies
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of thingsMonika Keerthi
 
Internet & iot security
Internet & iot securityInternet & iot security
Internet & iot securityUsman Anjum
 
IoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructuresIoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructuresUITSEC Teknoloji A.Ş.
 
Internet of things
Internet of thingsInternet of things
Internet of thingsvarungoyal98
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
Iot security amar prusty
Iot security amar prustyIot security amar prusty
Iot security amar prustyamarprusty
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...ClicTest
 
Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkClearnetwork
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceCigdem Sengul
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
IOT Security - ICCT College of Engineering
IOT Security - ICCT College of EngineeringIOT Security - ICCT College of Engineering
IOT Security - ICCT College of EngineeringPotato
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at ScaleWinston Morton
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesDenim Group
 

Mais procurados (20)

5 phases of IoT
5 phases of IoT5 phases of IoT
5 phases of IoT
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address them
 
The Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security IssuesThe Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security Issues
 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)
 
Security challenges for internet of things
Security challenges for internet of thingsSecurity challenges for internet of things
Security challenges for internet of things
 
Internet & iot security
Internet & iot securityInternet & iot security
Internet & iot security
 
IoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructuresIoT based on cyber security in defense industry and critical infrastructures
IoT based on cyber security in defense industry and critical infrastructures
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
Iot security amar prusty
Iot security amar prustyIot security amar prusty
Iot security amar prusty
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
 
Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by Clearnetwork
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List Conference
 
Iot cyber security
Iot cyber securityIot cyber security
Iot cyber security
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
IOT Security - ICCT College of Engineering
IOT Security - ICCT College of EngineeringIOT Security - ICCT College of Engineering
IOT Security - ICCT College of Engineering
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at Scale
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
 
IOT Security
IOT SecurityIOT Security
IOT Security
 

Semelhante a Contextual Cyber Security for IoT

What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...James Mulhern
 
An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In LibrariesBlake Carver
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemEvan Francen
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...JoAnna Cheshire
 
Ethnosit.net
Ethnosit.netEthnosit.net
Ethnosit.netethnos
 
Combating cyber crimes chinatu
Combating cyber crimes chinatuCombating cyber crimes chinatu
Combating cyber crimes chinatuChinatu Uzuegbu
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...Shah Sheikh
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemSecurityStudio
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
The 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseThe 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseChristiaan Beek
 
ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security Bill Gibbs
 
BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016Whitbags
 
Declaration of Mal(WAR)e
Declaration of Mal(WAR)eDeclaration of Mal(WAR)e
Declaration of Mal(WAR)eNetSPI
 
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...North Texas Chapter of the ISSA
 

Semelhante a Contextual Cyber Security for IoT (20)

What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...
 
IT Security Awareness - How to?
IT Security Awareness - How to?IT Security Awareness - How to?
IT Security Awareness - How to?
 
An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language Problem
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
 
Ethnosit.net
Ethnosit.netEthnosit.net
Ethnosit.net
 
Combating cyber crimes chinatu
Combating cyber crimes chinatuCombating cyber crimes chinatu
Combating cyber crimes chinatu
 
Security analysis
Security analysisSecurity analysis
Security analysis
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
Hacking_SharePoint_FINAL
Hacking_SharePoint_FINALHacking_SharePoint_FINAL
Hacking_SharePoint_FINAL
 
Cyber security
Cyber securityCyber security
Cyber security
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language Problem
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
The 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypseThe 4horsemen of ics secapocalypse
The 4horsemen of ics secapocalypse
 
ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security
 
presCyberNISC2015
presCyberNISC2015presCyberNISC2015
presCyberNISC2015
 
How to Secure America
How to Secure AmericaHow to Secure America
How to Secure America
 
BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016BIFM Risk Management Event 8th September 2016
BIFM Risk Management Event 8th September 2016
 
Declaration of Mal(WAR)e
Declaration of Mal(WAR)eDeclaration of Mal(WAR)e
Declaration of Mal(WAR)e
 
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
 

Último

PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 

Último (20)

PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 

Contextual Cyber Security for IoT

  • 1. Co-funded by the European Union Management Of Networked IoT Wearables – Very Large Scale Demonstration of Cultural Societal Applications Contextual Cyber Security for IoT Fraunhofer Innovation Days Dr. David Lund
  • 2. Contextual Cyber Security for IoT Dr David Lund, Head of Research & Development, HW Communications Data Security manager, MONICA Project Board Member, Public Safety Communication Europe Forum © HW Communications Ltd 2012
  • 3. ‘Things’ that we put on the internet
  • 4. Current Networks Secure Pipes – Insecure Endpoints
  • 5. Current Networks Secure Pipes – Insecure Endpoints Reliance on Physical Security End 2 End security often overlays lower layer security creating overhead and increasing vulnerability
  • 6. More devices or more degrees of freedom
  • 7. More devices or more degrees of freedom
  • 8. Compliance Checklists often driven by vague standards • Have you… • Defined a security plan e.g. • implement a Firewall, blocking x,y,z • patch all windows xp machines • put up a poster warning of electric shock
  • 9. Compliance Checklists often driven by vague standards • Have you… • Defined a security plan • E.g. • implement a Firewall, blocking x,y,z • patch all windows xp machines • put up a poster warning of electric shock • Implemented it • Yes, • Yes • Yes
  • 10. Compliance Checklists often driven by vague standards • Have you… • Defined a security plan • E.g. • implement a Firewall, blocking x,y,z • patch all windows xp machines • put up a poster warning of electric shock • Implemented it • Yes, • Yes • Yes It’s Friday afternoon so I can go home happy that I’ve done what I need to do, and therefore everything is safe
  • 11. Don’t forget humans • As assets • Rich and valuable information
  • 12. Don’t forget humans • As assets • Rich and valuable information • As vulnerabilities • How stupid are we? • There is always a human with access!
  • 13. Don’t forget humans • As assets • Rich and valuable information • As vulnerabilities • How stupid are we? • There is always a human with access ! • As threats • I’ve a business to run, and I have competitors • Information is valuable to my business !!
  • 14. Don’t forget humans • As assets • Rich and valuable information • As vulnerabilities • How stupid are we? • There is always a human with access ! • As threats • I’ve a business to run, and I have competitors • Information is valuable to my business !!
  • 15. Don’t forget humans • As assets • Rich and valuable information • As vulnerabilities • How stupid are we? • There is always a human with access ! • As threats • I’ve a business to run, and I have competitors • Information is valuable to my business !!
  • 16. RISK gives context ! So how do we minimise risk and maximise opportunity ??
  • 17. • Characterization of key assets • Investigate known threats • Identify vulnerabilities • Impact analysis of threats • Capability and likelihood 17 Cyber Risk Assessment Asset Characterization Threat Characterization Vulnerability Assessment Consequence Assessment Managing Threat Assessment SecurityOperator ConsultandInform Sharing information with others- physical and logistics Continuous Monitoring Threat Likelihood Assessment Contextual Risk based approach
  • 18. Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge Risk Cascade
  • 19. Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge My laptop is hacked… Risk Cascade
  • 20. Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge Information that’s important to my business is now at risk Risk Cascade
  • 21. Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge Knowledge gives the context Risk Cascade
  • 22. Physical Access IT Physical / Virtual Component Access Information Personal Information / Knowledge Organisation Knowledge Technology should be aware of the context Risk Cascade
  • 23. Who Trusts Who ? Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal https://www.techuk.org/insights/reports/item/6008-5g-innovation-opportunities-a-discussion-paper
  • 24. Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal https://www.techuk.org/insights/reports/item/6008-5g-innovation-opportunities-a-discussion-paper Who Trusts Who ?
  • 25. Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal Human Interaction Social Business Information Comms Protocols Networks Agents Virtualisation Metal https://www.techuk.org/insights/reports/item/6008-5g-innovation-opportunities-a-discussion-paper Who Trusts Who ?
  • 26. Thanks for your attention All rights reserved. All copyright for this presentation are owned in full by the MONICA Project. Permission is granted to print material published in this presentation for personal use only. Its use for any other purpose, and in particular its commercial use or distribution, is strictly forbidden in the absence of prior written approval. MONICA has received funding from the European Union’s Horizon 2020 Framework Programme for Research and Innovation under Grant Agreement No 732350. Possible inaccuracies of information are under the responsibility of the project. This presentation reflects solely the views of its authors. The European Commission is not liable for any use that may be made of the information contained therein. Please see us here: www.monica-project.eu www.psc-europe.eu Next Conference Madrid 14-16, November 2017 www.hwcomms.com