Category

Security+Privacy

Insight into the information security and privacy issues enterprises grapple with.

 
avatar

I’m excited about the Internet of Things (IoT), and I expect it to create incredible opportunities for companies in almost every industry. But I’m also concerned that the issues of security, data privacy, and our expectations of a right to privacy, in general — unless suitably addressed — could hinder the adoption of the IoT by consumers and businesses and possibly slow innovation. So, with all the hype of the IoT, I’m going to play devil’s advocate, because these issues tend to receive limited coverage when considering the impact of new technology developments on society. First of all, I am amazed at all the connected products and services that are starting to appear. These include, …

Read more

 
IoT, Big Data, Mobile Apps, Drones to Impact Privacy & Security

Here are my predictions for 2014: 2014 will bring exponential expansion and evolution of the Internet of Things (IoT). This will also bring new opportunities for information security trailblazers unlike any we’ve seen before. The potential benefits of the IoT will be huge, but just as large will be the new and constantly evolving information security and privacy risks. We will see some significant privacy breaches resulting from the use of IoT devices as a result. New IoT risks, and resulting security incidents and privacy breaches, will bring a significant need for technology information security pros to also understand privacy concepts so they can implement privacy protections within all these new devices, and into the …

Read more

Dec 162013
 
Securing Internet Traffic

By the end of 2014 or the beginning of 2015, various large cloud providers as well as the Internet Engineering Task Force (IETF) will have developed mechanisms to protect most Internet traffic against the pervasive domestic spying performed by the U.S. National Security Agency. The NSA won’t be unable to decrypt the traffic it really cares a lot about, but it will just take too much computer time to decrypt all traffic, as it can do right now. I predict this because there is a great convergence happening. First, the NSA’s antics have finally made companies aware of the security issues involved in taking client-server traffic that used to be inside the firewall and moving …

Read more

 
Things That Go Bump in the Night

By the end of the decade, self-driving cars will be on the roads in many developed countries. The electric grid will tell our heaters when it is more economical to run, “learning thermostats” will be in many homes, and we will track the movements of people, pets, packages, and many other things. By some estimates, the number of devices connected to this “Internet of Things” (IoT) will pass the number of connected human users by 2016. The question is: will serious accidents be necessary before people take the risks seriously and harden this infrastructure? Because the IoT senses and controls physical objects, serious harm can happen — either accidentally or intentionally. We need devices to …

Read more

 
avatar

Just in time for National Cyber Security Awareness month is the Cutter IT Journal issue — Privacy and Security in the Internet of Things. Guest Edited by Privacy by Design Ambassador and Cutter Senior Consultant Rebecca Herold and her host of expert authors — this issue highlights the many possible data hacking scenarios your organization could be privy to as the IoT gathers speed. With no current restrictions on how data collected by IoT-related devices is analyzed — the market is an open playing field for potential exploit. Explore the implications of the IoT and learn some strategies for mitigating the possibility of data breaches in this exciting new issue! Cutter clients read this issue …

Read more

 
avatar

The latest technology tsunami creates great market opportunities, and simultaneously wreaks havoc on the business world. The Internet of Things (IoT) is all about connecting sensors and other data-generating devices to everyday objects and ultimately to the Internet, generating a wealth of intelligence and real-time data, and merging and blurring the physical and virtual worlds. Already established in the consumer products world, the IoT offers corporations the opportunity to develop new offerings or to reconfigure existing products to collect intelligence. This will drive an increase in big data implementations, cloud, and other emerging technologies as corporations begin to capitalize on this up and coming phenomenon. Every new trend comes with its share of challenges and …

Read more

 
avatar

Some argue that a cyber-Armageddon — or a “digital Pearl Harbor” — may be just around the corner, while others counter that while cybersecurity needs to be taken seriously, the overall cyberthreat and its consequences are vastly overblown and are merely a convenient excuse to sell over-priced security software and consulting. The May 2011 Cutter IT Journal will try to separate the wheat from the chaff as pertains to security threats from current and potential cyberweapons. Proposals of interest are due 2 March 2011. To respond, please visit http://www.cutter.com/content-and-analysis/journals-and-reports/cutter-it-journal/callforpapers02.html

 
avatar

Security and the law have not caught up with technology and the outlaws. But most people seem to be ignoring the risks in favor of the opportunities and I don’t see that changing in 2011. A high profile incident is bound to happen, probably sooner rather than later. The headlines this year have been full of security issues facing the internet. First, there was the Zeus Trojan Horse which has stolen millions of dollars from small businesses and individuals. Zeus steals your credentials from your computer, and then uses them to make numerous small transfers from your bank account (under the $10,000 limit for reporting) until it has been emptied out. Since your computer was …

Read more

 
avatar

Here at Cutter HQ, as we fondly call it, we’re in full Summit mode: printing badges, packing boxes, tweaking the final menus – getting all the behind-the-scenes stuff done. But that’s certainly not the exciting stuff! What is exciting is the program. As always (this is the 14th Summit we’ve held here in the Boston area), there’s nothing theoretical about the program or sessions. It’s all about creating and discovering business-technology strategies that pave the way for success. And since there are no vendor sponsors, there are no pitches, subtle or otherwise, about silver bullet-type solutions. Here’s a peek at Monday’s sessions: We’re addressing cloud computing. Lou Mazzucchelli’s tackling this topic. If you’ve ever heard …

Read more

 
avatar

Early this year, fellow Cutter Consultants Mitch Ummel, Mike Rosen, and I wrote an Executive Report on the Smart Grid. In that report, we talked about all the potential that the Smart Grid offers, how it would be designed, and also about the serious problems that such an ambitious undertaking faces — especially problems related to reliability and security. We expressed fears that since the next generation of Smart Grid electrical utilities is based on current standards taken from the Internet and the current generation of operating systems, it would be subject to serious attacks by more and more sophisticated hackers which, in turn, could seriously jeopardize the reliability and security of our most critical …

Read more