Cybersecurity Blog: The Cyber Scene is evolving, are you?

As I noted in my earlier blog post, there is growing concern about the cybersecurity risks with the Internet of Things (IoT), particularly their effects on third parties as the recent Mirai botnet attack demonstrated.  At this year’s RSA Conference in San Francisco, IoT cybersecurity was one of the most discussed topics ranging from policy to the latest exploits. I was fortunate to serve on a panel discussing IoT and ransomware in front of a packed room.  While hype is undoubtedly a factor, the massive interest certainly demonstrates the huge market forces at work that are still in their infancy.  As Bruce Schneier noted in his RSAC talk, the social, economic, and safety implications of the Internet of Things means that government regulations are not far behind. In fact, Bruce even advocates for the establishment of a government agency to address it while acknowledging that he currently cannot provide the details for how such an agency would operate, what regulations would be needed, or how such regulations would be enforced. 

Read more

Lots of people are talking about the “Internet of Things” and what it means to the Internet’s future. Not all of these comments are good.

Consider that Government Computer News (GCN) ran an article titled “The Internet of malware-infected things” discussing body cameras that were found to be infected by the Conficker worm, from the factory. Along the same lines, Federal Computer Week commented “The Internet of Things leaves public and private computer systems essentially indefensible, and no amount of security guidance can provide salvation." In the article NIST fellow Ron Ross commented “You can comply perfectly … and still have a very vulnerable infrastructure because of the complexity.”

Read more

The United States and Europe have never quite been on the same page when it comes to privacy. Traditionally, European governments have taken a more stringent approach regarding their laws and regulations than the US Federal Government. Complicating matters further, brand new European privacy laws that are even stricter may be headed on a collision course with US-based firms, particularly with organizations within that embrace the Internet of Things (IoT) in record numbers. As a result, companies that do business internationally will need a solid plan and dedicated tools to keep ahead of the new regulations.

Read more