David Dufour, VP of Engineering & Cybersecurity at Webroot, warns that when it comes to IoT devices a combination of specific security approaches with legislative restrictions are needed to ensure that these devices and our information is secure.
Read more on InfoSecurity Magazine
IoT is still in its security infancy and the array of new (debatably useful) connected devices available, such as the smart toaster that prints the weather on your bread, creates a larger attack surface to defend, which when compromised could grant an attacker access to sensitive and valuable data. Physical security of these devices is also often overlooked; whether it’s a smaller device that can be stolen, or a device left unattended that can be targeted, businesses from every industry need to take control of their own security, understanding the risks associated with connecting more and more devices to the network. Devices need to be maintained and monitored, moving away from the current ‘set-it and forget it’ mentality. In addition, understanding how and what data a device collects, stores and communicates is crucial to securing sensitive data.