SlideShare uma empresa Scribd logo

Emerging Technology Risk Series - Internet of Things (IoT)

Eryk Budi Pratama
Eryk Budi Pratama

Presented at Indonesia Honeynet Project (IHP) meetup. This presentation covering: 1. Overview of Industry 4.0 2. IoT Security Model 3. How to Secure IoT 4. Research in IoT Other emerging technology risk area that will be covered in my professional services: 1. Cloud 2. Mobile 3. Artificial Intelligence / Intelligent Automation 4. Data & Analytics

Tecnologia
1 de 26
Emerging Technology Risk Internet of Things (IoT) Eryk Budi Pratama 05 April 2019 Indonesia Honeynet Project (IHP) Sharing Session
Overview
Industry 4.0 Evolution Source: http://resources.aima.in/presentations/AIMA-KPMG-industry-4-0-report.pdf
Industry 4.0 Evolution Source: http://resources.aima.in/presentations/AIMA-KPMG-industry-4-0-report.pdf The application of Cyber Physical System (CPS) in manufacturing leads to “connected factories”
Industry 4.0 Evolution Industry 4.0 key technology levers Internet of Things (IoT) Cloud Computing Big Data Analytics Robotics Cyber Security M2M Augmented Reality Additive Manufacturing Blockchain
Industry 4.0 Framework Source: https://assets.kpmg/content/dam/kpmg/xx/pdf/2017/05/beyond-the-hype.pdf
I4.0 – Smart Cities Source: https://www.weforum.org/agenda/2019/01/the-anatomy-of-a-smart-city/ Smart Monitor:  Transportation  Utilities  Infrastructure  Environment  Building  Life Example:  Electric transport  Traffic monitoring & control  Water monitoring  WIFI  Waste management  Building management  Perimeter access control
I4.0– Smart Manufacturing Source: https://iot-analytics.com/industrial-internet-disrupt-smart-factory/
Investment in Emerging Techology Source: https://advisory.kpmg.us/content/dam/advisory/en/pdfs/2018/disruption-is-the-new-norm-emerging-teck-risk.pdf Mobile Application Internet of Things Cloud
Internet of Things (IoT)
IoT Market Source: IoT Analytics, 2018
IoT Adoption Challenge Source: https://assets.kpmg/content/dam/kpmg/xx/pdf/2017/04/risk-or-reward-what-lurks-within-your-IoT.pdf
Case Studies Source: https://assets.kpmg/content/dam/kpmg/xx/pdf/2017/04/risk-or-reward-what-lurks-within-your-IoT.pdf
IoT Privacy by Design Source: https://www.gsma.com/iot/iot-security-assessment/
IoT Security Model Source: https://www.gsma.com/iot/iot-security-assessment/
Sample – Connected Car Attack Surface Source: https://www.gsma.com/iot/iot-security-assessment/
Sample – Smart Factory Attack Surface Source: https://www.gsma.com/iot/iot-security-assessment/ Attack Factor  Malware  Ransomware  Spear Phishing  Multiple vulnerab ilities  Device/Hardwar e hacking
Securing IoT
OWASP IoT Security Source: https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project OWASP Top 10 IoT 2018 1. Weak, Guessable, or Harcoded password 2. Insecure Network Service 3. Insecure Ecosystem Interfaces 4. Lack of Secure Update Mecha nism 5. Use of Insecure or Outdated Components 6. Insufficient Privacy Protection 7. Insecure Data Transfer and Storage 8. Lack of Device Management 9. Insecure Default Settings 10. Lack of physical hardening
IoT Security Foundation https://www.iotsecurityfoundation.org/best-practice-guidelines/ Secure Design Components: 1. Classification of Data 2. Physical Security 3. Device Secure Boot 4. Secure Operating System 5. Application Security 6. Credential Management 7. Encryption 8. Network Connection 9. Securing Software Updates 10.Logging 11.Software Update Policy IoT Security Foundation Publication: 1. IoT Security Compliance Framework 2. IoT Security Compliance Questionnaire 3. Secure Design Best Practice Guides 4. HOME IoT Security Architecture and Policy 5. ENTERPRISE IoT Security Architecture and Policy 6. IoT Cybersecurity: Regulation Ready
GSMA IoT Security https://www.gsma.com/iot/iot-security/iot-security-guidelines/ IoT Security Assessment 1. IoT Service Information 2. IoT Security and Privacy Organisational Level 3. Checklist For Service Platforms 4. Checklist For Endpoint Devices
“IoT without security = Internet of Threats” ― Stephane Nappo
Research in IoT
Sample of Research Topics  Device management  Sensor data acquisition in management  Industrial applications based on IoT  Integration of data from multiple sources  Device diversity and interoperability  Flexibility and evolution of applications  Scale, data volume, and performance  Scalability in networking, storage and computation to handle exponential growth of data volume from sensors  Security of the data-at-flight and data-at-rest without compromising on scalability  Preservation of privacy of the user data and properly balancing between privacy and utility  Interoperability among sensor data sources (physical communication level, network level, data syntax level, and data semantics level)  Rich analytics and visualization (generic, sensor-specific, and domain - specific) provided in real-time, as required etc.
Sample of Tools  Arduino Works as both hardware specification for interactive electronics and software that includes an IDE and the Arduino programming language.  Eclipse IoT Project Supports application frameworks and services, open source implementation s of IoT protocols, including MQTT CoAP, OMA-DM and OMA LWM2M.  Kinoma Works as DIY construction kit for prototyping electronic device.  Node-RED Visual tool for wiring Internet of Things.  IoTSyS Work as IoT middleware which provides communication stack for smart devices.  OpenIoT Open source middleware used to get information from sensor clouds
Thank You proferyk@gmail.com

Recomendados

Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Ulf Mattsson
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoT
Amy Daly
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
Book
BookBook
Book
Ulf Mattsson
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
Allot Communications
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
Omar Khawaja
 
Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022) Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022)
Research On Global Markets
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoT
Abdullahi Arabo Jr (MEng, MBCS, PhD)
 

Recomendados

Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Ulf Mattsson
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoT
Amy Daly
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
Book
BookBook
Book
Ulf Mattsson
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
Allot Communications
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
Omar Khawaja
 
Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022) Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022)
Research On Global Markets
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoT
Abdullahi Arabo Jr (MEng, MBCS, PhD)
 
Etude sur le marché de la cyber sécurité (2011)
Etude sur le marché de la cyber sécurité (2011) Etude sur le marché de la cyber sécurité (2011)
Etude sur le marché de la cyber sécurité (2011)
PwC France
 
Digital IQ in managing risk and cyber threats
Digital IQ in managing risk and cyber threatsDigital IQ in managing risk and cyber threats
Digital IQ in managing risk and cyber threats
Maganathin Veeraragaloo
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Ulf Mattsson
 
Big Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick OverviewBig Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick Overview
Femi Ashaye
 
Iot cyber security
Iot cyber securityIot cyber security
Iot cyber security
sajid mehmood
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019
Advanced Technology Consulting (ATC)
 
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
Carlos Valderrama
 
CCA study group
CCA study groupCCA study group
CCA study group
IIBA UK Chapter
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
Ulf Mattsson
 
Challenges in implementating cyber security
Challenges in implementating cyber securityChallenges in implementating cyber security
Challenges in implementating cyber security
Inderjeet Singh
 
What operational technology cyber security is?
What operational technology cyber security is?What operational technology cyber security is?
What operational technology cyber security is?
sohailAhmad304
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2
SafeNet
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Michael Noel
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Ignyte Assurance Platform
 
Cloud Security: A Business-Centric Approach in 12 Steps
Cloud Security: A Business-Centric Approach in 12 StepsCloud Security: A Business-Centric Approach in 12 Steps
Cloud Security: A Business-Centric Approach in 12 Steps
Omar Khawaja
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breaches
xband
 
Top Cybersecurity Trends of 2021
Top Cybersecurity Trends of 2021Top Cybersecurity Trends of 2021
Top Cybersecurity Trends of 2021
Shawn Nutley
 
Biznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsBiznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital Forensics
Yusuf Hadiwinata Sutandar
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
sreelekha appakondappagari
 
Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7
Mukesh Chinta
 
Data Science for IoT
Data Science for IoTData Science for IoT
Data Science for IoT
Olivera Kotevska, Ph.D.
 
Development of web-based surveillance system for Internet of Things (IoT) app...
Development of web-based surveillance system for Internet of Things (IoT) app...Development of web-based surveillance system for Internet of Things (IoT) app...
Development of web-based surveillance system for Internet of Things (IoT) app...
journalBEEI
 

Mais conteúdo relacionado

Mais procurados

What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Ulf Mattsson
 
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
Carlos Valderrama
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
Ulf Mattsson
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Michael Noel
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Ignyte Assurance Platform
 

Mais procurados (20)

Etude sur le marché de la cyber sécurité (2011)
Etude sur le marché de la cyber sécurité (2011) Etude sur le marché de la cyber sécurité (2011)
Etude sur le marché de la cyber sécurité (2011)
 
Digital IQ in managing risk and cyber threats
Digital IQ in managing risk and cyber threatsDigital IQ in managing risk and cyber threats
Digital IQ in managing risk and cyber threats
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
 
Big Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick OverviewBig Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick Overview
 
Iot cyber security
Iot cyber securityIot cyber security
Iot cyber security
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019
 
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
[4YFN]Cyber Security Innovation, an urgent call to cyber heroes SM
 
CCA study group
CCA study groupCCA study group
CCA study group
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
 
Challenges in implementating cyber security
Challenges in implementating cyber securityChallenges in implementating cyber security
Challenges in implementating cyber security
 
What operational technology cyber security is?
What operational technology cyber security is?What operational technology cyber security is?
What operational technology cyber security is?
 
Life After Compliance march 2010 v2
Life After Compliance march 2010 v2Life After Compliance march 2010 v2
Life After Compliance march 2010 v2
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
 
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply ChainsFortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
Fortifying Cyber Defense: How to Act Now to Protect Global Supply Chains
 
Cloud Security: A Business-Centric Approach in 12 Steps
Cloud Security: A Business-Centric Approach in 12 StepsCloud Security: A Business-Centric Approach in 12 Steps
Cloud Security: A Business-Centric Approach in 12 Steps
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breaches
 
Top Cybersecurity Trends of 2021
Top Cybersecurity Trends of 2021Top Cybersecurity Trends of 2021
Top Cybersecurity Trends of 2021
 
Biznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsBiznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital Forensics
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
 
Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7
 

Semelhante a Emerging Technology Risk Series - Internet of Things (IoT)

Development of web-based surveillance system for Internet of Things (IoT) app...
Development of web-based surveillance system for Internet of Things (IoT) app...Development of web-based surveillance system for Internet of Things (IoT) app...
Development of web-based surveillance system for Internet of Things (IoT) app...
journalBEEI
 
Analysis on IoT Challenges, Opportunities, Applications and Communication Models
Analysis on IoT Challenges, Opportunities, Applications and Communication ModelsAnalysis on IoT Challenges, Opportunities, Applications and Communication Models
Analysis on IoT Challenges, Opportunities, Applications and Communication Models
INFOGAIN PUBLICATION
 
Complexity of IOT/IOE Architectures for Smart Service Infrastructures Panel:...
Complexity of IOT/IOE Architectures for Smart Service Infrastructures Panel:...Complexity of IOT/IOE Architectures for Smart Service Infrastructures Panel:...
Complexity of IOT/IOE Architectures for Smart Service Infrastructures Panel:...
Paolo Nesi
 

Semelhante a Emerging Technology Risk Series - Internet of Things (IoT) (20)

Data Science for IoT
Data Science for IoTData Science for IoT
Data Science for IoT
 
Development of web-based surveillance system for Internet of Things (IoT) app...
Development of web-based surveillance system for Internet of Things (IoT) app...Development of web-based surveillance system for Internet of Things (IoT) app...
Development of web-based surveillance system for Internet of Things (IoT) app...
 
Io t of actuating things
Io t of actuating thingsIo t of actuating things
Io t of actuating things
 
Internet of Things -Overview
Internet of Things -OverviewInternet of Things -Overview
Internet of Things -Overview
 
Analysis on IoT Challenges, Opportunities, Applications and Communication Models
Analysis on IoT Challenges, Opportunities, Applications and Communication ModelsAnalysis on IoT Challenges, Opportunities, Applications and Communication Models
Analysis on IoT Challenges, Opportunities, Applications and Communication Models
 
Research Topics in Network Security for PhD
Research Topics in Network Security for PhDResearch Topics in Network Security for PhD
Research Topics in Network Security for PhD
 
lee2015.pdf
lee2015.pdflee2015.pdf
lee2015.pdf
 
Security and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsSecurity and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of things
 
Questions in iot
Questions in iotQuestions in iot
Questions in iot
 
EMC Solutions for the Internet of Things and Industrie 4.0 - Platforms (Hando...
EMC Solutions for the Internet of Things and Industrie 4.0 - Platforms (Hando...EMC Solutions for the Internet of Things and Industrie 4.0 - Platforms (Hando...
EMC Solutions for the Internet of Things and Industrie 4.0 - Platforms (Hando...
 
Iot transforming the future of agriculture
Iot transforming the future of agricultureIot transforming the future of agriculture
Iot transforming the future of agriculture
 
A Smart ITS based Sensor Network for Transport System with Integration of Io...
A Smart ITS based Sensor Network for Transport System with Integration of Io...A Smart ITS based Sensor Network for Transport System with Integration of Io...
A Smart ITS based Sensor Network for Transport System with Integration of Io...
 
Complexity of IOT/IOE Architectures for Smart Service Infrastructures Panel:...
Complexity of IOT/IOE Architectures for Smart Service Infrastructures Panel:...Complexity of IOT/IOE Architectures for Smart Service Infrastructures Panel:...
Complexity of IOT/IOE Architectures for Smart Service Infrastructures Panel:...
 
Teollinen internet: mistä liiketoimintahyötyä? - Heikki Ailisto
Teollinen internet: mistä liiketoimintahyötyä? - Heikki AilistoTeollinen internet: mistä liiketoimintahyötyä? - Heikki Ailisto
Teollinen internet: mistä liiketoimintahyötyä? - Heikki Ailisto
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)
 
IRJET - A Study on Smart Way for Securing IoT Devices
IRJET - A Study on Smart Way for Securing IoT DevicesIRJET - A Study on Smart Way for Securing IoT Devices
IRJET - A Study on Smart Way for Securing IoT Devices
 
76 s201918
76 s20191876 s201918
76 s201918
 
Internet of Things- Remote Desktop & Wireless Hibernation
Internet of Things- Remote Desktop & Wireless HibernationInternet of Things- Remote Desktop & Wireless Hibernation
Internet of Things- Remote Desktop & Wireless Hibernation
 
National seminar on emergence of internet of things (io t) trends and challe...
National seminar on emergence of internet of things (io t) trends and challe...National seminar on emergence of internet of things (io t) trends and challe...
National seminar on emergence of internet of things (io t) trends and challe...
 
Abid - Final Presentation .pptx
Abid - Final Presentation .pptxAbid - Final Presentation .pptx
Abid - Final Presentation .pptx
 

Mais de Eryk Budi Pratama

Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTIRingkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Eryk Budi Pratama
 
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Eryk Budi Pratama
 

Mais de Eryk Budi Pratama (20)

Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTIRingkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
Ringkasan Standar Kompetensi Data Protection Officer | Agustus 2023 | IODTI
 
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
Implikasi UU PDP terhadap Tata Kelola Data Sektor Kesehatan - Rangkuman UU Pe...
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program Implementation
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber Security
 
Personal Data Protection in Indonesia
Personal Data Protection in IndonesiaPersonal Data Protection in Indonesia
Personal Data Protection in Indonesia
 
Urgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data PribadiUrgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data Pribadi
 
Modern IT Service Management Transformation - ITIL Indonesia
Modern IT Service Management Transformation - ITIL IndonesiaModern IT Service Management Transformation - ITIL Indonesia
Modern IT Service Management Transformation - ITIL Indonesia
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI Webinar
 
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykData Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - Eryk
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
 
Blockchain for Accounting & Assurance
Blockchain for Accounting & AssuranceBlockchain for Accounting & Assurance
Blockchain for Accounting & Assurance
 
Guardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & AnalyticsGuardians of Trust: Building Trust in Data & Analytics
Guardians of Trust: Building Trust in Data & Analytics
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
Cybersecurity Skills in Industry 4.0
Cybersecurity Skills in Industry 4.0Cybersecurity Skills in Industry 4.0
Cybersecurity Skills in Industry 4.0
 
Identity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOpsIdentity & Access Management for Securing DevOps
Identity & Access Management for Securing DevOps
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 

Último

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

Último (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 

Emerging Technology Risk Series - Internet of Things (IoT)

  • 1. Emerging Technology Risk Internet of Things (IoT) Eryk Budi Pratama 05 April 2019 Indonesia Honeynet Project (IHP) Sharing Session
  • 3. Industry 4.0 Evolution Source: http://resources.aima.in/presentations/AIMA-KPMG-industry-4-0-report.pdf
  • 4. Industry 4.0 Evolution Source: http://resources.aima.in/presentations/AIMA-KPMG-industry-4-0-report.pdf The application of Cyber Physical System (CPS) in manufacturing leads to “connected factories”
  • 5. Industry 4.0 Evolution Industry 4.0 key technology levers Internet of Things (IoT) Cloud Computing Big Data Analytics Robotics Cyber Security M2M Augmented Reality Additive Manufacturing Blockchain
  • 6. Industry 4.0 Framework Source: https://assets.kpmg/content/dam/kpmg/xx/pdf/2017/05/beyond-the-hype.pdf
  • 7. I4.0 – Smart Cities Source: https://www.weforum.org/agenda/2019/01/the-anatomy-of-a-smart-city/ Smart Monitor:  Transportation  Utilities  Infrastructure  Environment  Building  Life Example:  Electric transport  Traffic monitoring & control  Water monitoring  WIFI  Waste management  Building management  Perimeter access control
  • 8. I4.0– Smart Manufacturing Source: https://iot-analytics.com/industrial-internet-disrupt-smart-factory/
  • 9. Investment in Emerging Techology Source: https://advisory.kpmg.us/content/dam/advisory/en/pdfs/2018/disruption-is-the-new-norm-emerging-teck-risk.pdf Mobile Application Internet of Things Cloud
  • 11. IoT Market Source: IoT Analytics, 2018
  • 12. IoT Adoption Challenge Source: https://assets.kpmg/content/dam/kpmg/xx/pdf/2017/04/risk-or-reward-what-lurks-within-your-IoT.pdf
  • 14. IoT Privacy by Design Source: https://www.gsma.com/iot/iot-security-assessment/
  • 15. IoT Security Model Source: https://www.gsma.com/iot/iot-security-assessment/
  • 16. Sample – Connected Car Attack Surface Source: https://www.gsma.com/iot/iot-security-assessment/
  • 17. Sample – Smart Factory Attack Surface Source: https://www.gsma.com/iot/iot-security-assessment/ Attack Factor  Malware  Ransomware  Spear Phishing  Multiple vulnerab ilities  Device/Hardwar e hacking
  • 19. OWASP IoT Security Source: https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project OWASP Top 10 IoT 2018 1. Weak, Guessable, or Harcoded password 2. Insecure Network Service 3. Insecure Ecosystem Interfaces 4. Lack of Secure Update Mecha nism 5. Use of Insecure or Outdated Components 6. Insufficient Privacy Protection 7. Insecure Data Transfer and Storage 8. Lack of Device Management 9. Insecure Default Settings 10. Lack of physical hardening
  • 20. IoT Security Foundation https://www.iotsecurityfoundation.org/best-practice-guidelines/ Secure Design Components: 1. Classification of Data 2. Physical Security 3. Device Secure Boot 4. Secure Operating System 5. Application Security 6. Credential Management 7. Encryption 8. Network Connection 9. Securing Software Updates 10.Logging 11.Software Update Policy IoT Security Foundation Publication: 1. IoT Security Compliance Framework 2. IoT Security Compliance Questionnaire 3. Secure Design Best Practice Guides 4. HOME IoT Security Architecture and Policy 5. ENTERPRISE IoT Security Architecture and Policy 6. IoT Cybersecurity: Regulation Ready
  • 21. GSMA IoT Security https://www.gsma.com/iot/iot-security/iot-security-guidelines/ IoT Security Assessment 1. IoT Service Information 2. IoT Security and Privacy Organisational Level 3. Checklist For Service Platforms 4. Checklist For Endpoint Devices
  • 22. “IoT without security = Internet of Threats” ― Stephane Nappo
  • 24. Sample of Research Topics  Device management  Sensor data acquisition in management  Industrial applications based on IoT  Integration of data from multiple sources  Device diversity and interoperability  Flexibility and evolution of applications  Scale, data volume, and performance  Scalability in networking, storage and computation to handle exponential growth of data volume from sensors  Security of the data-at-flight and data-at-rest without compromising on scalability  Preservation of privacy of the user data and properly balancing between privacy and utility  Interoperability among sensor data sources (physical communication level, network level, data syntax level, and data semantics level)  Rich analytics and visualization (generic, sensor-specific, and domain - specific) provided in real-time, as required etc.
  • 25. Sample of Tools  Arduino Works as both hardware specification for interactive electronics and software that includes an IDE and the Arduino programming language.  Eclipse IoT Project Supports application frameworks and services, open source implementation s of IoT protocols, including MQTT CoAP, OMA-DM and OMA LWM2M.  Kinoma Works as DIY construction kit for prototyping electronic device.  Node-RED Visual tool for wiring Internet of Things.  IoTSyS Work as IoT middleware which provides communication stack for smart devices.  OpenIoT Open source middleware used to get information from sensor clouds