#cybersecurity The Gift everyone needs for the Holidays!

Happy Holidays.

It is, as is so commonly mentioned in the media: “That Time of Year Again.” Yup. Packages. Shiny New Things. Cool Toys for the Kids and kid-adults alike.

It is also the time of year of increased cyber crime attempts aimed at retailers.

Add also the time of year when more families and organizations introduce new varieties of malware, ad-malware, viruses, worms, bad bots and devices that phone “home” into our homes, workplaces and civic spaces.

How? Because many devices are coming pre-loaded with malware. How many parents look into the workings of a cheap tablet before handing it off to the kids? How many people are checking new apps to see the permissions being requested on those new devices and old ones too?

How many companies are not checking to see if their employee’s new devices are safe to be brought into the workplace, let alone to be allowed access to networks? 

Do you know what your connected devices are doing this holiday season? Perhaps it is not just calling the North Pole, but indeed calling “home” with your life information. This applies to talking teddy bears, connected fridges, Iot devices of every stripe, but not to mention your phone, tablet, smartwatch, car.

#IoT Security Is Just Not.

A few weeks ago I wrote this piece about #IOT Cybersecurity and how it affects personal and brand reputations. I got a lot of criticism for basically speaking the truth. I appreciate all the tweets, emails and Linkedin posts engaging on this piece, including all the people who attempted to say I was wrong.

But the points raised in that piece are simply the opening salvo in a multi front disruption. The disruption is NOT IoT. The disruption is to switch from product leading first with security as an afterthought in the rush to go to market. What needs to change is the mindset to build in design security from the beginning,

Last week I sat on a panel at the California Cyber Security Task Force meeting. The panelists were all cybersecurity experts, from across the field, including homeland security, penetration testers, strategy and policy. When it came time to talk about #IOT Internet of Things, we were all asked what people thought about the current state of cybersecurity in IoT.

The answer from the entire panel was: THERE IS NO SUCH THING AS CYBERSECURITY AS OF YET IN THE INTERNET OF THINGS.

Think about that for a second. Or maybe longer. Sure there are a few Iot devices that do offer some level of security. But often, as was raised by one of the other panelists, that is simply writing a marketing statement to the effect of “We take your security very seriously.”

But most IoT devices do not provide any real security, and many are simply copies off other IoT devices that also have no security. Then you have to add in the problem of the unsecured devices talking and sending your data to other non secure devices and or third party companies.

The disruption has to be the switch from rush to market with little to no thought about security — to one where security is built in from the design level up and where devices are not put on the market without first being hack tested every which way to be able to prove their security credentials. Otherwise, we are all simply at very real risk. In part because of the inattention or even stupidity of others who do not think this is important; or in the rush to market skip cybersecurity completely — or just write a lame #fail marketing statement about how they value your security.

Because. Not.

Alan W. Silberberg, CEO of DIGIJAKS

%d bloggers like this: