IoT, Risk and Workshop - Cyber Security Informer

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT

IoT Firmware Risk Encryption

Convergent Evolution: SP 800-213, the Federal Profile, and the IoT Cybersecurity Catalog

NSTIC

DECEMBER 2, 2021

NIST has been engaged for several years in developing guidance for Internet of Things (IoT) cybersecurity.

IoT

IoT Cybersecurity Internet Internet

Adoption of Secure Cloud Services in Critical Infrastructure

CyberSecurity Insiders

OCTOBER 28, 2022

In an example from last year, lack of risk-based adoption of cloud software and lack of controls to prevent access to ICS networks caused service disruption at a US drinking water treatment facility, where cyber-attack via poorly controlled cloud software (desktop sharing) had increased sodium hydroxide levels in drinking water [v].

IoT

IoT Architecture Energy and Utilities Firewall

9 New NIST Cybersecurity & Privacy Goals

SecureWorld News

FEBRUARY 8, 2021

And the NIST Risk Management Framework (RMF) provides details for creating cyber policies through a risk base approach. Here are NIST's nine priority areas of focus for the coming years: Enhancing risk management. The NIST Privacy Framework (PF) is now more than a year old. Strengthening cryptographic standards and validation.

Cybersecurity

Cybersecurity IoT Education Risk

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

Privacy and Cybersecurity Law

MAY 17, 2017

The National Institute of Standards and Technology (NIST) is holding a Cybersecurity Framework Workshop this week at its headquarters in Gaithersburg, Maryland. The purpose of the workshop is to discuss issues related to its widely used Cybersecurity Framework.

IoT

IoT Internet Internet Cybersecurity

AT&T Business Summit is virtual Oct. 27-28 and free!

CyberSecurity Insiders

SEPTEMBER 27, 2021

Description: PERSPECTIVE: Many companies embrace mobile, video, cloud, and IoT technologies to stay competitive and relevant amidst ever-growing demands from customers and partners. Challenges born from neither securing nor understanding your supply chain represent enormous risks to your business, your brand, and your customers.

Digital transformation

Digital transformation Ransomware Technology IoT

NIST Shores Up CSF 2.0 With Supply Chain, Governance Reforms

Security Boulevard

FEBRUARY 28, 2023

In advance of the public comment period, the standards organization wrapped up the last stakeholder workshops last week. of Commerce National Institute of Standards and Technology (NIST) will open a comment period for stakeholders on proposed significant reform to its Cybersecurity Framework (CSF). It is the first time in five years that.

Government

Government Technology Cybersecurity CISO

It’s Official: (ISC)² Security Congress is Back for the 11th Year in a Row!

CyberSecurity Insiders

MAY 27, 2021

This year’s event is expected to bring together more than 4,000 professionals and will include more than 80 sessions and 100 speakers focused on topics from IoT, Security Automation and Industrial Control Systems to Cloud Security, Governance, Risk and Compliance, and Zero Trust.

Education

Education IoT Cybersecurity Government

There’s no better time for zero trust

Cisco Security

OCTOBER 20, 2022

Couple that with hybrid work , IoT, the move to the cloud, and more emboldened attackers, and organizational risk increases exponentially. Adopting a zero trust model can dramatically reduce this risk by eliminating implicit trust. Continuously verify trust to detect any change in risk even after initial access is granted.

Authentication

Authentication Technology Architecture VPN

Introduction to the purpose of AWS Transit Gateway

CyberSecurity Insiders

MAY 30, 2023

AWS Services – AWS offers a broad set of global cloud-based products, including compute, storage, database, analytics, networking, machine learning and AI, mobile, developer tools, IoT, security, enterprise applications, and more. Use a dashboard to visualize better data transfer charges – this workshop will show how.

Architecture

Architecture Threat Detection Technology Internet

How Your Company Can Prevent a Cyberattack

Adam Levin

AUGUST 21, 2019

There will soon be more than 30 billion connected devices “out there’ in consumer hands, on their wrists, in their laps, cars, kitchens, walls, and, yes, at work–in short, IoT is everywhere, our connectables almost always go with us. Okay, so the obvious metaphor everyone is used to is the vectors of a virus on the move.

Phishing

Phishing Accountability Hacking Cybersecurity

What’s in the NIST Privacy Framework 1.1?

Centraleyes

MARCH 14, 2024

Initially introduced as The NIST Privacy Framework : A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0, The adjustment of the NIST Privacy Framework in response to new frameworks like the NIST’s AI Risk Management Framework (AI RMF) and the update to the NIST Cybersecurity Framework (CSF) to Version 2.0

Government

Government Risk Technology Artificial Intelligence

The Zero-Trust Approach to Important Control Planes

Duo's Security Blog

MARCH 3, 2021

In the IoT world, device counts are skyrocketing, and so are their capabilities. These policies take into account the risk level of the resource that is being accessed as well as the conditions of the access. So, a high-risk resource will require a higher level of examination and approval before access is granted.

Architecture

Architecture Authentication CISO Risk

Cybersecurity Labeling of IoT Devices: Will It Happen in 2023?

SecureWorld News

OCTOBER 13, 2022

consumers could have a set of cybersecurity labeling standards to protect their Internet of Things (IoT) devices as early as spring 2023 if the White House National Security Council has its way. Come up with roughly four solid cybersecurity standards that manufacturers of IoT devices can use to properly label cybersecurity risks to users.

IoT

IoT Cybersecurity Manufacturing Internet

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

IoT Design Frameworks 2.2. Threat modeling can be applied to a wide range of things, including software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes. Mind maps can be a good way to collaboratively develop this phase within a threat modelling workshop.

IoT

IoT Firmware Mobile Manufacturing

The Hacker Mind Podcast: DEF CON Villages

ForAllSecure

AUGUST 2, 2022

And, there’s thirty more villages including Girls Hack Village, the Voting Machine Hacking village, the IoT Village, and the Bio Hacking village. And by de I'm an analyst at Javelin strategy and research where I do security risk and fraud for the financial services industry. In each you will find people with like interests.

Hacking

Hacking Computers and Electronics InfoSec Software

The Hacker Mind Podcast: Surviving Stalkerware

ForAllSecure

SEPTEMBER 21, 2021

They discuss how software and IoT companies can avoid becoming the next Black Mirror episode and share resources that can help survivors (and those who want to help them) deal with the technology issues that can be associated with technologically facilitated abuse. But what about IoT devices? What about social media?

Technology

Technology Software Surveillance Media

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Krebs on Security

OCTOBER 5, 2018

Take, for instance, the problem right now with insecure Internet of Things (IoT) devices — cheapo security cameras, Internet routers and digital video recorders — sold at places like Amazon and Walmart. You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk.

Computers and Electronics

Computers and Electronics IoT Technology Manufacturing

Cyber Security Informer

IoT Unravelled Part 3: Security

Convergent Evolution: SP 800-213, the Federal Profile, and the IoT Cybersecurity Catalog

Trending Sources

Adoption of Secure Cloud Services in Critical Infrastructure

9 New NIST Cybersecurity & Privacy Goals

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

AT&T Business Summit is virtual Oct. 27-28 and free!

NIST Shores Up CSF 2.0 With Supply Chain, Governance Reforms

It’s Official: (ISC)² Security Congress is Back for the 11th Year in a Row!

There’s no better time for zero trust

Introduction to the purpose of AWS Transit Gateway

How Your Company Can Prevent a Cyberattack

What’s in the NIST Privacy Framework 1.1?

The Zero-Trust Approach to Important Control Planes

Cybersecurity Labeling of IoT Devices: Will It Happen in 2023?

IoT Secure Development Guide

The Hacker Mind Podcast: DEF CON Villages

The Hacker Mind Podcast: Surviving Stalkerware

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Stay Connected