2 min to read
Security of Things World
Rethinking security multi disciplinary!
Security of Things World 2017 - Berlin
About 200 leading experts of IT, Operational Technology (OT), IoT and Cyber Security communities discussed at the “Security of Things World 2017” in Berlin how to secure the connected future. At conference I heard a really inspirating talk from Beau Woods.
A New Era of Cyber Safety Capabilities
Speaker: Beau Woods @beauwoods
The Internet of Things is different from corporate IT in a lot of critical aspects. Failures, outages and hacks will disrupt our society and will lead to threat for health and life. Beau Woods remembers us to think about a paradigma like “cyber hygiene”. Every business has cyber risks and business cases have a often weak immun system. In daily life we are confronted with a enourmous quantity of threats. With cyber hygiene, like secure connections, strong passwords, secure by design and so on we can defend dangerous threats against our business, health or life.
Also we don’t really know about the incredients of our things in the internet. Some components have dangerous vulns or are easy to manipulate or reconfigure. What’s about security verifcation of used components in IoT - “nutrition facts”. In some cases we must think about “cyber safety” in additon to cyber security.
Thx Beau Woods for inspiration.
True Cost and Real Benefits of Industrial Internet of Things Security
Speaker: Herbert Dirnberger @dirnberg
In the best practice talk I explained and discussed the process how to implement security in industrial IoT systems. The expected costs of security measures for minimizing risk, the costs of incidents response and the benefit and value added of optimized processes in the whole system life cycle can help to solve to find the right alignment.
My short summary!
- Don’t think in camps and silos, but in lifecycle!
- IIoT security is about defense and enabler.
- „The best way to predict the future is to invent it.“
Dirnberger2017-True Cost and Real Benefits of Industrial Internet of Things Security
Impressions and findings
My personal impression which I get in discussion and networking at the conference.
- We are looking for adequate security for our business models.
- We need to implement security at the beginning and consider all stage of the life cicle. From blue prints of business model to legacy, until end of life. Afterwards adaptions are mostly inefficient.
- At the time we have no common efficient approach either open source nor closed standards to secure the IoT.
- To create a secure future of IoT we need collaboration, co-creation, standards and pragmatic solutions.
Our standard receipes from IT and Information Security like security standards, security by design (vuln free), defense in depth, risk-, business continuity and information security management (systems) don’t really work for IoT or Industrial Control Systems.