Originally published on TechTarget Security. Alvaka’s COO and CISO—Kevin McDonald—talks about IOT cybersecurity challenges and the debate of accountability for the poor manufacturing, implementation and management.
IoT technologies offer a plethora of benefits and opportunities that are just beginning to be realized. Organizations of all shapes and sizes — from manufacturing to healthcare to automotive and more — can collect real-time data to monitor and control their surroundings and power smart cities, factories, buildings, campuses and homes.
These benefits and opportunities, however, can only be truly enjoyed if the devices are properly secured, deployed and configured. Unfortunately, with anything as powerful, new and ubiquitous as IoT, significant risks to safety, security and privacy are all too real.
Historically, securing the few million industrial control devices deployed across utilities and industries was a struggle — and this was long before they became internet-connected. Now, by some accounts, billions of potentially insecure IoT devices will need to be dealt with in more verticals than ever before. Industrial control engineers and manufacturers of yesteryear may get a pass for mistakes made decades before the advent of industrial control internet connectivity, but the engineers and manufacturers designing today’s IoT devices without keeping security in mind can’t be excused — and neither can the end users and enterprises deploying them.
From connected cameras being enlisted in bot armies that deliver devastating distributed denial-of-service attacks to a smart fish tank being the gateway to hacking a casino, the challenges of securing IoT are compounding. Add in lower costs, and increasingly, simplistic deployment and security issues abound. Cheaply made, poorly designed and configured, rushed-to-market devices sold with too much capability and little or no security threaten enterprises, industrial organizations and governments. The major question becomes: Just whose responsibility is IoT security, anyway?…
Click here to read the full article on TechTarget.
Blog written by Kevin McDonald, COO & CISO – Alvaka Networks
Kevin B. McDonald is the chief operating officer and chief information security officer at Alvaka Networks. Kevin is a trusted technology and security practitioner and public policy advisor to some of America’s most influential people and organizations. He advises corporate executives, federal and state legislators, law enforcement, high net worth individuals and other business leaders. He is a sought after consultant, writer, presenter and trainer on the issues surrounding personal, physical and cyber security, compliance and advanced technology. Kevin has written for and been interviewed by dozens of national publications and on major television, radio and digital outlets.