The IoT: Embrace Opportunity and Manage Risk

Blog Date:  10/21/2016
Author:  Ray Coulombe
Category(s):  Cyber Security

DDoS attacks have existed and accelerated dramatically since 1999: A network of computers bombards a website with millions of messages to the point that the system can’t handle the traffic and shuts down. Until now, these attacks focused on hijacking computers with malicious software and recruiting them into “botnets” to send messages.

But now, thanks to the IoT, there is an expanded focus - compromising all manner of devices, including surveillance cameras, where attackers want to compromise the availably of some resource(s), be it a website, a machine, or a capability.

So, how can we minimize the risk of a botnet hijacking? Here’s a few ways to limit the risk of participating in a DDoS attack:

1. Develop and enforce a protocol for any network-connected device that touches your organization to ensure that it gets a secure name and password, is set up for secure WiFi (WPA2), and receives available updates.
2. Set your routers and firewalls to reject any unauthorized attempt by network devices to communicate outside of your internal network. Print servers, for example, probably don't need to have regular access to the Internet.
3. Make sure your intrusion protection system is set to scan for unauthorized devices and check to see if your firewall is set to trigger alerts when devices attempt to reach the internet.
4. Confirm that any new devices in your organization support your security requirements from trusted vendors, including the ability to support secure WiFi.
5. Where possible, try to use wired networking rather than wireless. It’s not foolproof – just a little better.
6. Make cyber hygiene a priority throughout your organization, not just the security staff. This includes ongoing training about opening any email link or file; deploying new devices that touch the network; and, being aware of the various faces social engineering can take.

Just a few simple steps can help protect your entire business from a major shut down and hacking operation. The IoT is a great step forward in technology, the security is lagging far behind!

Hear from a panel of experts this year at the 2016 Securing New Ground event on October 19-20 in New York.

IoT: Embracing Opportunity and Managing Risk
October 19 from 9:10-9:55am
Once defined and restricted by proprietary technology, the security industry has turned the corner and become part of the movement embracing open connectivity and IoT. We embrace the flexibility and simplicity of connecting devices and sensors to our systems, but acceptance has created new vulnerabilities and risk. Hear what industry experts say about how IoT is redefining everything from the consumer and residential markets to the future of enterprise level security.
Learn more


Resource Blogs

Most Recent Blogs Listed for Ray Coulombe.


Stay Safe! While Traveling This Summer

It’s summer vacation time! The last thing you need to worry about it is getting your identity stolen while you’re sitting on a beach somewhere exotic. In 2016, more than 15 million Americans were victims of identity theft, up 16 percent from the previous year, according to Experian. Plus, about 33 percent of that fraud took place when people were traveling. Here’s a few tips to staying safe all summer while traveling...
read more -->


Rethinking Cabling

Cat 5e became an ANSI/TIA/EIA standard in 2001, Cat 6 in 2002, and Cat 6a in 2008. However, it may be extremely useful to consider taking advantage of other existing cabling infrastructure in lieu of running new. Read more to learn how to approach cabling.
read more -->


Off the Beaten Path at ISC West

This year at ISC (the International Security Conference and Exposition), I was determined to try to see the latest iStechnologies hiding in the nooks and crannies—literally! I visited booths in the back, the basement, small kiosks hidden inside larger vendor books, and throughout the Emerging Technology Zone.

In case you missed the show, I’ll round up some of the best new technologies and companies to keep an eye on. Read more.
read more -->


Cyber Crime Taking Down Cities

Earlier this year, in March, the City of Atlanta’s nearly 8,000 employees heard words they never thought they would hear: “It’s okay to turn your computers on.” Their computers were powered off for five days. In those five days Atlanta residents could not pay traffic tickets, water bills, or report city issues. Read how ransomware impacted this metropolitan area.
read more -->


A Few Thoughts on K-12 School Security

There is no one size fits all when it comes to K-12 school security. Schools vary in so many ways: size, age, local environment, affluence, culture, governance, and more. Read some helpful tips and resources that might just help your school be better prepared.
read more -->