IoT plays an important role that allows enterprises to go through digital transformation. However, in many cases organizations start to become aware that they do already have a large number of IoT devices which were introduced gradually over the years. One of the main concerns that an organizations face when dealing with IoT is managing risks involved in increasing number of IoT devices. Because of their ability to interact with the physical world, there are safety and privacy concerns when it comes to the security of IoT devices. This paper provides an overview of IoT components, followed by risks and sample attacks. Finally, a list of current and prospective future security solutions is discussed.

Traditional Enterprise Data loss prevention (DLP) tools were not initially designed for protecting unstructured data, and encryption and policy are not centralized and few have taken advantage of improvements in recent years. In the meantime, unstructured data has piled up and is growing.  To target this problem, a new set of vendors and products emerged with “data-centric” solutions adding to the confusion. So many vendors with a variety of capabilities to choose from, but how do you know which is right? What vendor do you choose? The answer to these questions is to think more about what you want to accomplish and weigh the approaches first.

As Jewish families around the world prepared for the High Holidays last month, the most significant days of the Jewish calendar, synagogues prepared to facilitate services under unprecedented circumstances due to the coronavirus pandemic. For those of us that work on providing security for the Jewish community, it would become yet another time of heightened vigilance.

If we ended up in a cyberbattle with some of the top nation-state actors, they could shut down supply chains, hospitals, the internet, oil and gas, electricity grids, water systems and more.  A national cyber director would be able to coordinate the cybersecurity flow of information to the executive branch and be able to coordinate a strategy to defend against these kinds of attacks.

October is National Cybersecurity Awareness Month, and we wholeheartedly support this important initiative to focus attention on the critical security challenges facing all of us. This week’s theme focuses on the continued proliferation of IoT with, “The Future of Connected Devices.” If there’s one major cyber trend we’ve seen unfold around connected devices, it’s that there is a tendency to focus cybersecurity awareness on what we can see – phones, laptops, and IoT devices, while assuming that protecting endpoints will stop the epidemic of damaging cyberattacks.

COVID-19 has posed a wide variety of problems to businesses of all kinds, from hospitals and grocery stores to cannabis dispensaries and schools. While security technology has always been an important investment for businesses to make, during the pandemic, the use of security technology has become more vital than ever, and has provided businesses with solutions to some of their pandemic problems. COVID-19 has helped business owners realize that their security systems have a far larger function and versatility than strictly traditional loss prevention. While many have traditionally viewed them as ways to prevent theft, such as shoplifting, or protect their employees and buildings, business owners are now being exposed to the true capabilities of their security systems.

On one hand, we have cybersecurity solutions that are not keeping pace with today’s hackers. In spite of more resources being devoted to cybersecurity, cyber compromises are at an all-time high, with even less experienced hackers now gaining access. At the same time, hardware designers are changing their industry standards and direction. This change enables hackers anytime access to hardware - even when it is powered off. The result of this combination is a perfect cyber storm, ready for disaster.

Over the past decade we’ve seen an increase in consumer grade IoT devices, but the security of those devices hasn’t always kept pace with the realities of the cyber threats targeting what is arguably an unmanaged computing device. These cyber threats are made more concerning when the expected lifespan of the device is factored in. After all, dishwashers, thermostats and doorbells aren’t devices like smartphones where there is social pressure to have the latest version.

Modern security teams are not unlike the tenacious forensic investigators featured on many popular network television shows. In order to determine ‘who done it’ they must piece together small and seemingly unrelated strains of evidence.