'Internet of Evil Things' is CISOs' Next Nightmare: Developing a Risk and Compliance Framework
With over 83 percent of companies having printers in their default configuration, with default passwords, and unencrypted Wi-Fi, what will be the threat landscape within smart cities, where there is even less security governance?
The number of IoT devices will proliferate to over one trillion in the next few years, but any device that can communicate with another potentially can provide a direct conduit from the public internet to some very private and valuable information. In our rush to connect everything together, secure connectivity and information handling is frequently an afterthought, if ever even a thought at all.
Is it possible to instill sound SDL (security development lifecycle) practices into device manufacturers? Practices are improving, with more refinements on the way. But hope, as they say, is not a strategy.
An alternative to waiting for built-in security to gestate is to bolt it on. Several gatekeeper onboarding solutions exist for brokering the relationship between enterprise and device, limiting connectivity in controlled phases, and managing patch levels, authorization and connectivity to within acceptable limits. The session will discuss:
- A holistic approach to secure IoT from the design stage and working out a risk and compliance framework taking cognizance of legal regulation, standards and certifications;
- Evolving a governance framework to see the big picture and risk in the interdependence of each system;
- Capacity building - developing standards, manpower, developing professional, and agency certification.
Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.