Tens of thousands of technology enthusiasts are descending on Las Vegas for the annual CES show next week, many of them keen to see the latest innovations in connected gadgets. The Internet of Things (IoT) will have a bigger presence than ever at the event: a reflection of its increasingly important role in the corporate and consumer world. But as Trend Micro outlined in its 2019 predictions report, the IoT also represents a major security threat, which could impact manufacturers, service providers and end user organisations in a variety of ways.
As we start a new year, the only way to mitigate this risk is to work together across industry to improve security throughout the entire IoT ecosystem. Continue reading →
Consumer and enterprise security are usually treated as two discrete areas. But increasingly in 2019 we’ll see a convergence of threats. Ultimately, every employee is also a consumer — one who may work from a home filled with unsecured smart devices, exposing corporate systems and data to new threats.
The coming year therefore requires enterprise IT security teams to think more broadly about the risks facing their organisation, and ensure they have the policies and technologies in place to mitigate them. Continue reading →
The Internet of Things is a hugely complex ecosystem of devices, messaging protocols, cloud systems, networks and more. With so many moving parts it’s inevitable that there are security gaps for attackers to exploit. The fact that attacks thus far have been relatively isolated should be no cause for complacency. With IoT increasingly embedded into the operations of hospitals, factories, energy plants, offices and more, we should be looking closer at where these gaps lie.
That’s why Trend Micro released a major new piece of research today. It reveals serious design flaws and vulnerabilities in two of the most popular machine-to-machine protocols in use today. Over 219 million messages were exposed globally by these systems in just the four months of the research period. Continue reading →
The government is failing to address the cyber challenge facing the UK’s critical infrastructure (CNI) providers urgently enough, a new parliamentary report has claimed. In many ways the challenges facing CNI firms are broadly the same as for other organisations, just that the impact of successful attacks could go way beyond data loss and damaged brand reputation to devastating disruption of daily life and potentially even physical harm to citizens.
The good news is that, in lieu of government action, there are many things that organisations in the sector can do to mitigate risk and improve cyber resilience. They just need to remember to layer up security at all levels of the IT infrastructure, from DevOps up. Continue reading →