SlideShare uma empresa Scribd logo

Paul Malone of TSSG spoke at the IERC debate entitled “The Internet of Energy Things will deliver a Secure, Cheap and Sustainable Energy Future”.

Walton Institute
Walton Institute

This document summarizes a presentation given by Paul Malone at the IERC Conference 2015 on the internet of energy things. The presentation discusses that while the internet of energy things could deliver a secure, cheap and sustainable energy future, there are significant security challenges to address first. These include an increased attack surface from more connected devices, the difficulty of patching devices remotely, and a lack of agreed upon data governance frameworks to protect privacy and regulate use of data. Case studies are presented showing vulnerabilities in existing internet-connected devices like baby monitors. The presentation argues that security must be designed into internet of energy things from the start in order to fully realize its benefits.

Tecnologia
1 de 20
Baixar para ler offline
IERC Conference 2015 Paul Malone 13th May 2015 12/05/2015   www.tssg.org  
The internet of energy things will deliver a secure, cheap and sustainable energy future 12/05/2015   www.tssg.org   2  
The internet of energy things will deliver a secure?, cheap and sustainable energy future 14/05/2015   www.tssg.org   3  
•  Increased attack surface •  Difficulty of patching devices •  Lack of data governance frameworks 12/05/2015   www.tssg.org   4  
Increased attack surface 12/05/2015   www.tssg.org   5  
12/05/2015   www.tssg.org   6   Source:  Cisco  
2014  Verizon  Data  Breach   Inves6ga6ons  Report   12/05/2015   www.tssg.org   7   Source:  Verizon  
The  OWASP  Internet  of  Things  Top  10     1.  Insecure Web Interface 2.  Insufficient Authentication/Authorization 3.  Insecure Network Services 4.  Lack of Transport Encryption 5.  Privacy Concerns 6.  Insecure Cloud Interface 7.  Insecure Mobile Interface 8.  Insufficient Security Configurability 9.  Insecure Software/Firmware 10. Poor Physical Security https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project 12/05/2015   www.tssg.org   8  
Difficulty of patching devices 12/05/2015   www.tssg.org   9  
HP  Report  2014   “70 percent of the most commonly used Internet of Things (IoT) devices contain vulnerabilities, including password security, encryption and general lack of granular user access permissions.” “IoT devices averaged 25 vulnerabilities per product, indicating expanding attack surface for adversaries” 12/05/2015   www.tssg.org   10  
“The challenge is, you see all of these devices coming online at a rapid clip, without robust security. … Trying to apply a patch to a thermostat in the home is going to be much more challenging.” - Gary Davis, Intel Security 12/05/2015   www.tssg.org   11  
Foscam  Baby  Monitor   •  Multiple vulnerabilities •  100,000 cameras in the wild (easy to find) •  20% default user “admin” no password •  Vendor generated a patch (for some of the vulnerabilities) •  99% of cameras still ran the older firmware 12/05/2015   www.tssg.org   12  
Lack of agreed Data Governance Frameworks 12/05/2015   www.tssg.org   13  
•  Huge amounts of data •  Regulatory and compliance complexities •  Assurances with regard to PII –  Where is my data? –  Who has access? •  What assurances does the consumer have? –  How is my data being used? •  What is the value to me? •  What is the value to 3rd parties? 12/05/2015   www.tssg.org   14  
12/05/2015   www.tssg.org   15   What about Surveillance?
“If privacy and confidentiality isn’t designed in up front, on top of the security capabilities provided by the enabling M2M infrastructure (including authentication, access control, data protection), the benefits of the IoT cannot be fully realized.” - Tim Carey, Alcatel Lucent 12/05/2015   www.tssg.org   16  
The internet of energy things will deliver a secure, cheap and sustainable energy future 14/05/2015   www.tssg.org   17  
The internet of energy things will deliver a secure, cheap and sustainable energy future can 12/05/2015   www.tssg.org   18  
The internet of energy things will deliver a secure, cheap and sustainable energy future can 14/05/2015   www.tssg.org   19   But only if security is addressed first!
“You cannot escape the responsibility of tomorrow by evading it today.” - Abraham Lincoln 12/05/2015   www.tssg.org   20  

Recomendados

Computer Investigation on Employees
Computer Investigation on EmployeesComputer Investigation on Employees
Computer Investigation on EmployeesSwiftTech Solutions, Inc.
 
HIPAA Compliance: What you need to know
HIPAA Compliance: What you need to knowHIPAA Compliance: What you need to know
HIPAA Compliance: What you need to knowSwiftTech Solutions, Inc.
 
SOX: A Short Guide to Compliance
SOX: A Short Guide to ComplianceSOX: A Short Guide to Compliance
SOX: A Short Guide to ComplianceSwiftTech Solutions, Inc.
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016centralohioissa
 
Jake Williams - Navigating the FDA Recommendations on Medical Device Security...
Jake Williams - Navigating the FDA Recommendations on Medical Device Security...Jake Williams - Navigating the FDA Recommendations on Medical Device Security...
Jake Williams - Navigating the FDA Recommendations on Medical Device Security...centralohioissa
 
Cyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanCyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanTWCA
 
Quantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate LeadershipQuantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate LeadershipNetskope
 
Data Breach: The Cloud Multiplier Effect
Data Breach: The Cloud Multiplier EffectData Breach: The Cloud Multiplier Effect
Data Breach: The Cloud Multiplier EffectNetskope
 

Recomendados

Computer Investigation on Employees
Computer Investigation on EmployeesComputer Investigation on Employees
Computer Investigation on EmployeesSwiftTech Solutions, Inc.
 
HIPAA Compliance: What you need to know
HIPAA Compliance: What you need to knowHIPAA Compliance: What you need to know
HIPAA Compliance: What you need to knowSwiftTech Solutions, Inc.
 
SOX: A Short Guide to Compliance
SOX: A Short Guide to ComplianceSOX: A Short Guide to Compliance
SOX: A Short Guide to ComplianceSwiftTech Solutions, Inc.
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016centralohioissa
 
Jake Williams - Navigating the FDA Recommendations on Medical Device Security...
Jake Williams - Navigating the FDA Recommendations on Medical Device Security...Jake Williams - Navigating the FDA Recommendations on Medical Device Security...
Jake Williams - Navigating the FDA Recommendations on Medical Device Security...centralohioissa
 
Cyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanCyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanTWCA
 
Quantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate LeadershipQuantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate LeadershipNetskope
 
Data Breach: The Cloud Multiplier Effect
Data Breach: The Cloud Multiplier EffectData Breach: The Cloud Multiplier Effect
Data Breach: The Cloud Multiplier EffectNetskope
 
The Definitive CASB Business Case Kit - Presentation
The Definitive CASB Business Case Kit - PresentationThe Definitive CASB Business Case Kit - Presentation
The Definitive CASB Business Case Kit - PresentationNetskope
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudNetskope
 
BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessMike Brannon
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Knowjxyz
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir
 
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...Netskope
 
Cloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionCloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionNetskope
 
WeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure
 
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...centralohioissa
 
Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Jisc
 
Netskope — Shadow IT Is A Good Thing
Netskope — Shadow IT Is A Good ThingNetskope — Shadow IT Is A Good Thing
Netskope — Shadow IT Is A Good ThingNetskope
 
Netskope Overview
Netskope OverviewNetskope Overview
Netskope OverviewNetskope
 
Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018Appsecco
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 
Web App Attacks - Stats & Remediation
Web App Attacks - Stats & RemediationWeb App Attacks - Stats & Remediation
Web App Attacks - Stats & RemediationQualys
 
The Silver Bullet of Cyber Security v1.1
The Silver Bullet of Cyber Security v1.1The Silver Bullet of Cyber Security v1.1
The Silver Bullet of Cyber Security v1.1William Kiss
 
Video surveillance: Why should my business use it?
Video surveillance: Why should my business use it?Video surveillance: Why should my business use it?
Video surveillance: Why should my business use it?SwiftTech Solutions, Inc.
 
Art Hathaway - Artificial Intelligence - Real Threat Prevention
Art Hathaway - Artificial Intelligence - Real Threat PreventionArt Hathaway - Artificial Intelligence - Real Threat Prevention
Art Hathaway - Artificial Intelligence - Real Threat Preventioncentralohioissa
 
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Netskope
 
Close the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote WorkforceClose the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote Workforcejlieberman07
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
Top tips for protecting your business online (updated) Feb 14
Top tips for protecting your business online (updated) Feb 14Top tips for protecting your business online (updated) Feb 14
Top tips for protecting your business online (updated) Feb 14Vanguard Visions
 

Mais conteúdo relacionado

Mais procurados

The Definitive CASB Business Case Kit - Presentation
The Definitive CASB Business Case Kit - PresentationThe Definitive CASB Business Case Kit - Presentation
The Definitive CASB Business Case Kit - PresentationNetskope
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudNetskope
 
BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessMike Brannon
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Knowjxyz
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir
 
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...Netskope
 
Cloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionCloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionNetskope
 
WeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure
 
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...centralohioissa
 
Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Jisc
 
Netskope — Shadow IT Is A Good Thing
Netskope — Shadow IT Is A Good ThingNetskope — Shadow IT Is A Good Thing
Netskope — Shadow IT Is A Good ThingNetskope
 
Netskope Overview
Netskope OverviewNetskope Overview
Netskope OverviewNetskope
 
Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018Appsecco
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 
Web App Attacks - Stats & Remediation
Web App Attacks - Stats & RemediationWeb App Attacks - Stats & Remediation
Web App Attacks - Stats & RemediationQualys
 
The Silver Bullet of Cyber Security v1.1
The Silver Bullet of Cyber Security v1.1The Silver Bullet of Cyber Security v1.1
The Silver Bullet of Cyber Security v1.1William Kiss
 
Video surveillance: Why should my business use it?
Video surveillance: Why should my business use it?Video surveillance: Why should my business use it?
Video surveillance: Why should my business use it?SwiftTech Solutions, Inc.
 
Art Hathaway - Artificial Intelligence - Real Threat Prevention
Art Hathaway - Artificial Intelligence - Real Threat PreventionArt Hathaway - Artificial Intelligence - Real Threat Prevention
Art Hathaway - Artificial Intelligence - Real Threat Preventioncentralohioissa
 
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Netskope
 
Close the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote WorkforceClose the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote Workforcejlieberman07
 

Mais procurados (20)

The Definitive CASB Business Case Kit - Presentation
The Definitive CASB Business Case Kit - PresentationThe Definitive CASB Business Case Kit - Presentation
The Definitive CASB Business Case Kit - Presentation
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
 
BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with business
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Know
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
 
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...
The Razor's Edge: Enabling Cloud While Mitigating the Risk of a Cloud Data Br...
 
Cloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity EditionCloud Security for Dummies Webinar — The Identity Edition
Cloud Security for Dummies Webinar — The Identity Edition
 
WeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablementWeSecure Data Security Congres: 5 must haves to safe cloud enablement
WeSecure Data Security Congres: 5 must haves to safe cloud enablement
 
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
 
Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46
 
Netskope — Shadow IT Is A Good Thing
Netskope — Shadow IT Is A Good ThingNetskope — Shadow IT Is A Good Thing
Netskope — Shadow IT Is A Good Thing
 
Netskope Overview
Netskope OverviewNetskope Overview
Netskope Overview
 
Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back
 
Web App Attacks - Stats & Remediation
Web App Attacks - Stats & RemediationWeb App Attacks - Stats & Remediation
Web App Attacks - Stats & Remediation
 
The Silver Bullet of Cyber Security v1.1
The Silver Bullet of Cyber Security v1.1The Silver Bullet of Cyber Security v1.1
The Silver Bullet of Cyber Security v1.1
 
Video surveillance: Why should my business use it?
Video surveillance: Why should my business use it?Video surveillance: Why should my business use it?
Video surveillance: Why should my business use it?
 
Art Hathaway - Artificial Intelligence - Real Threat Prevention
Art Hathaway - Artificial Intelligence - Real Threat PreventionArt Hathaway - Artificial Intelligence - Real Threat Prevention
Art Hathaway - Artificial Intelligence - Real Threat Prevention
 
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
 
Close the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote WorkforceClose the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote Workforce
 

Semelhante a Paul Malone of TSSG spoke at the IERC debate entitled “The Internet of Energy Things will deliver a Secure, Cheap and Sustainable Energy Future”.

Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
Top tips for protecting your business online (updated) Feb 14
Top tips for protecting your business online (updated) Feb 14Top tips for protecting your business online (updated) Feb 14
Top tips for protecting your business online (updated) Feb 14Vanguard Visions
 
Big data, Security, or Privacy in IoT: Choice is Yours
Big data, Security, or Privacy in IoT: Choice is YoursBig data, Security, or Privacy in IoT: Choice is Yours
Big data, Security, or Privacy in IoT: Choice is YoursDilum Bandara
 
Where in the world is your Corporate data?
Where in the world is your Corporate data?Where in the world is your Corporate data?
Where in the world is your Corporate data?Ashish Patel
 
Data Analytics for Security Intelligence
Data Analytics for Security IntelligenceData Analytics for Security Intelligence
Data Analytics for Security IntelligenceData Driven Innovation
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYETDAofficialRegist
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Ulf Mattsson
 
Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Huntsman Security
 
Appsecurity, win or loose
Appsecurity, win or looseAppsecurity, win or loose
Appsecurity, win or looseBjørn Sloth
 
Guardium Data Activiy Monitor For C- Level Executives
Guardium Data Activiy Monitor For C- Level ExecutivesGuardium Data Activiy Monitor For C- Level Executives
Guardium Data Activiy Monitor For C- Level ExecutivesCamilo Fandiño Gómez
 
Clearswift f5 information_visibility_reducing_business_risk_whitepaper
Clearswift f5 information_visibility_reducing_business_risk_whitepaperClearswift f5 information_visibility_reducing_business_risk_whitepaper
Clearswift f5 information_visibility_reducing_business_risk_whitepaperMarco Essomba
 
Martin Vliem (Microsoft): Met vertrouwen naar de cloud
Martin Vliem (Microsoft): Met vertrouwen naar de cloudMartin Vliem (Microsoft): Met vertrouwen naar de cloud
Martin Vliem (Microsoft): Met vertrouwen naar de cloudContent Guru Benelux
 
Frukostseminarium om molntjänster
Frukostseminarium om molntjänsterFrukostseminarium om molntjänster
Frukostseminarium om molntjänsterTranscendent Group
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNAMatteo Masi
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Cloud Security Alliance Lviv Chapter
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?CA Technologies
 

Semelhante a Paul Malone of TSSG spoke at the IERC debate entitled “The Internet of Energy Things will deliver a Secure, Cheap and Sustainable Energy Future”. (20)

Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
Top tips for protecting your business online (updated) Feb 14
Top tips for protecting your business online (updated) Feb 14Top tips for protecting your business online (updated) Feb 14
Top tips for protecting your business online (updated) Feb 14
 
Iot cyber security
Iot cyber securityIot cyber security
Iot cyber security
 
Big data, Security, or Privacy in IoT: Choice is Yours
Big data, Security, or Privacy in IoT: Choice is YoursBig data, Security, or Privacy in IoT: Choice is Yours
Big data, Security, or Privacy in IoT: Choice is Yours
 
Where in the world is your Corporate data?
Where in the world is your Corporate data?Where in the world is your Corporate data?
Where in the world is your Corporate data?
 
Data Analytics for Security Intelligence
Data Analytics for Security IntelligenceData Analytics for Security Intelligence
Data Analytics for Security Intelligence
 
Trends in Cybersecurity
Trends in CybersecurityTrends in Cybersecurity
Trends in Cybersecurity
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITY
 
Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...Data centric security key to digital business success - ulf mattsson - bright...
Data centric security key to digital business success - ulf mattsson - bright...
 
Seclud it polesc_sjuly7
Seclud it polesc_sjuly7Seclud it polesc_sjuly7
Seclud it polesc_sjuly7
 
Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)
 
Appsecurity, win or loose
Appsecurity, win or looseAppsecurity, win or loose
Appsecurity, win or loose
 
Guardium Data Activiy Monitor For C- Level Executives
Guardium Data Activiy Monitor For C- Level ExecutivesGuardium Data Activiy Monitor For C- Level Executives
Guardium Data Activiy Monitor For C- Level Executives
 
Clearswift f5 information_visibility_reducing_business_risk_whitepaper
Clearswift f5 information_visibility_reducing_business_risk_whitepaperClearswift f5 information_visibility_reducing_business_risk_whitepaper
Clearswift f5 information_visibility_reducing_business_risk_whitepaper
 
Martin Vliem (Microsoft): Met vertrouwen naar de cloud
Martin Vliem (Microsoft): Met vertrouwen naar de cloudMartin Vliem (Microsoft): Met vertrouwen naar de cloud
Martin Vliem (Microsoft): Met vertrouwen naar de cloud
 
Frukostseminarium om molntjänster
Frukostseminarium om molntjänsterFrukostseminarium om molntjänster
Frukostseminarium om molntjänster
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNA
 
journal paper
journal paperjournal paper
journal paper
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
 

Mais de Walton Institute

Drug-delivery to the Brain using Neural Communications
Drug-delivery to the Brain using Neural CommunicationsDrug-delivery to the Brain using Neural Communications
Drug-delivery to the Brain using Neural CommunicationsWalton Institute
 
TSSB Brain Initiative - Overview of Nano and Molecular Communications and Bra...
TSSB Brain Initiative - Overview of Nano and Molecular Communications and Bra...TSSB Brain Initiative - Overview of Nano and Molecular Communications and Bra...
TSSB Brain Initiative - Overview of Nano and Molecular Communications and Bra...Walton Institute
 
Agri-Digitalisation - Shaping & Creating Development
Agri-Digitalisation - Shaping & Creating Development Agri-Digitalisation - Shaping & Creating Development
Agri-Digitalisation - Shaping & Creating Development Walton Institute
 
Glanbia & the Importance of PACE to the South-East
Glanbia & the Importance of PACE to the South-East Glanbia & the Importance of PACE to the South-East
Glanbia & the Importance of PACE to the South-East Walton Institute
 
The Impact of Research & Industry Collaboration
The Impact of Research & Industry CollaborationThe Impact of Research & Industry Collaboration
The Impact of Research & Industry CollaborationWalton Institute
 
VistaMilk SFI Research Centre - Teagasc
VistaMilk SFI Research Centre - TeagascVistaMilk SFI Research Centre - Teagasc
VistaMilk SFI Research Centre - TeagascWalton Institute
 
VistaMilk Communication Technologies Research
VistaMilk Communication Technologies ResearchVistaMilk Communication Technologies Research
VistaMilk Communication Technologies ResearchWalton Institute
 
mhealth - The role of Technology
mhealth - The role of Technologymhealth - The role of Technology
mhealth - The role of TechnologyWalton Institute
 
Wizeoni - Tech connect Live
Wizeoni - Tech connect LiveWizeoni - Tech connect Live
Wizeoni - Tech connect LiveWalton Institute
 
Steven davy iot_techconnect
Steven davy iot_techconnectSteven davy iot_techconnect
Steven davy iot_techconnectWalton Institute
 
Entreprise Ireland - Technology Gateways
Entreprise Ireland - Technology GatewaysEntreprise Ireland - Technology Gateways
Entreprise Ireland - Technology GatewaysWalton Institute
 

Mais de Walton Institute (20)

EI strategy 2021 2022
EI strategy 2021 2022EI strategy 2021 2022
EI strategy 2021 2022
 
Drug-delivery to the Brain using Neural Communications
Drug-delivery to the Brain using Neural CommunicationsDrug-delivery to the Brain using Neural Communications
Drug-delivery to the Brain using Neural Communications
 
TSSB Brain Initiative - Overview of Nano and Molecular Communications and Bra...
TSSB Brain Initiative - Overview of Nano and Molecular Communications and Bra...TSSB Brain Initiative - Overview of Nano and Molecular Communications and Bra...
TSSB Brain Initiative - Overview of Nano and Molecular Communications and Bra...
 
Agri-Digitalisation - Shaping & Creating Development
Agri-Digitalisation - Shaping & Creating Development Agri-Digitalisation - Shaping & Creating Development
Agri-Digitalisation - Shaping & Creating Development
 
Glanbia & the Importance of PACE to the South-East
Glanbia & the Importance of PACE to the South-East Glanbia & the Importance of PACE to the South-East
Glanbia & the Importance of PACE to the South-East
 
The Impact of Research & Industry Collaboration
The Impact of Research & Industry CollaborationThe Impact of Research & Industry Collaboration
The Impact of Research & Industry Collaboration
 
VistaMilk SFI Research Centre - Teagasc
VistaMilk SFI Research Centre - TeagascVistaMilk SFI Research Centre - Teagasc
VistaMilk SFI Research Centre - Teagasc
 
H2020 Agri-Tech
H2020 Agri-TechH2020 Agri-Tech
H2020 Agri-Tech
 
SmartAgriHubs
SmartAgriHubsSmartAgriHubs
SmartAgriHubs
 
VistaMilk Communication Technologies Research
VistaMilk Communication Technologies ResearchVistaMilk Communication Technologies Research
VistaMilk Communication Technologies Research
 
Safer Cycle
Safer CycleSafer Cycle
Safer Cycle
 
EU Brasil Cloud Forum
EU Brasil Cloud ForumEU Brasil Cloud Forum
EU Brasil Cloud Forum
 
mhealth - The role of Technology
mhealth - The role of Technologymhealth - The role of Technology
mhealth - The role of Technology
 
Wizeoni - Tech connect Live
Wizeoni - Tech connect LiveWizeoni - Tech connect Live
Wizeoni - Tech connect Live
 
Steven davy iot_techconnect
Steven davy iot_techconnectSteven davy iot_techconnect
Steven davy iot_techconnect
 
Accugraze
AccugrazeAccugraze
Accugraze
 
PCR Digital Test Tube
PCR Digital Test TubePCR Digital Test Tube
PCR Digital Test Tube
 
Farm safety management
Farm safety managementFarm safety management
Farm safety management
 
Entreprise Ireland - Technology Gateways
Entreprise Ireland - Technology GatewaysEntreprise Ireland - Technology Gateways
Entreprise Ireland - Technology Gateways
 
Pitching for investment
Pitching for investmentPitching for investment
Pitching for investment
 

Último

[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 

Último (20)

[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 

Paul Malone of TSSG spoke at the IERC debate entitled “The Internet of Energy Things will deliver a Secure, Cheap and Sustainable Energy Future”.

  • 1. IERC Conference 2015 Paul Malone 13th May 2015 12/05/2015   www.tssg.org  
  • 2. The internet of energy things will deliver a secure, cheap and sustainable energy future 12/05/2015   www.tssg.org   2  
  • 3. The internet of energy things will deliver a secure?, cheap and sustainable energy future 14/05/2015   www.tssg.org   3  
  • 4. •  Increased attack surface •  Difficulty of patching devices •  Lack of data governance frameworks 12/05/2015   www.tssg.org   4  
  • 5. Increased attack surface 12/05/2015   www.tssg.org   5  
  • 6. 12/05/2015   www.tssg.org   6   Source:  Cisco  
  • 7. 2014  Verizon  Data  Breach   Inves6ga6ons  Report   12/05/2015   www.tssg.org   7   Source:  Verizon  
  • 8. The  OWASP  Internet  of  Things  Top  10     1.  Insecure Web Interface 2.  Insufficient Authentication/Authorization 3.  Insecure Network Services 4.  Lack of Transport Encryption 5.  Privacy Concerns 6.  Insecure Cloud Interface 7.  Insecure Mobile Interface 8.  Insufficient Security Configurability 9.  Insecure Software/Firmware 10. Poor Physical Security https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project 12/05/2015   www.tssg.org   8  
  • 9. Difficulty of patching devices 12/05/2015   www.tssg.org   9  
  • 10. HP  Report  2014   “70 percent of the most commonly used Internet of Things (IoT) devices contain vulnerabilities, including password security, encryption and general lack of granular user access permissions.” “IoT devices averaged 25 vulnerabilities per product, indicating expanding attack surface for adversaries” 12/05/2015   www.tssg.org   10  
  • 11. “The challenge is, you see all of these devices coming online at a rapid clip, without robust security. … Trying to apply a patch to a thermostat in the home is going to be much more challenging.” - Gary Davis, Intel Security 12/05/2015   www.tssg.org   11  
  • 12. Foscam  Baby  Monitor   •  Multiple vulnerabilities •  100,000 cameras in the wild (easy to find) •  20% default user “admin” no password •  Vendor generated a patch (for some of the vulnerabilities) •  99% of cameras still ran the older firmware 12/05/2015   www.tssg.org   12  
  • 13. Lack of agreed Data Governance Frameworks 12/05/2015   www.tssg.org   13  
  • 14. •  Huge amounts of data •  Regulatory and compliance complexities •  Assurances with regard to PII –  Where is my data? –  Who has access? •  What assurances does the consumer have? –  How is my data being used? •  What is the value to me? •  What is the value to 3rd parties? 12/05/2015   www.tssg.org   14  
  • 15. 12/05/2015   www.tssg.org   15   What about Surveillance?
  • 16. “If privacy and confidentiality isn’t designed in up front, on top of the security capabilities provided by the enabling M2M infrastructure (including authentication, access control, data protection), the benefits of the IoT cannot be fully realized.” - Tim Carey, Alcatel Lucent 12/05/2015   www.tssg.org   16  
  • 17. The internet of energy things will deliver a secure, cheap and sustainable energy future 14/05/2015   www.tssg.org   17  
  • 18. The internet of energy things will deliver a secure, cheap and sustainable energy future can 12/05/2015   www.tssg.org   18  
  • 19. The internet of energy things will deliver a secure, cheap and sustainable energy future can 14/05/2015   www.tssg.org   19   But only if security is addressed first!
  • 20. “You cannot escape the responsibility of tomorrow by evading it today.” - Abraham Lincoln 12/05/2015   www.tssg.org   20