SlideShare a Scribd company logo

Security for the Internet of Things: A Call to Action

Download as PPT, PDF
Accenture Technology
Accenture Technology

The Internet of Things (IoT) offers many industries significant new opportunities, but it also exposes them and their customers to a host of security issues. Securing the IoT requires new ways of thinking that can defend the enterprise and its customers against attackers and privacy abuses.

Technology
1 of 15
Security Call to Action: Preparing for the Internet of Things
Copyright © 2015 Accenture All rights reserved. 2 The Internet of Things (IoT) is already here Many industries are now using the IoT, which integrates people, data and intelligent machines—to introduce new products and services, boost customer relationships and improve operations. #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 3 The IoT extends an enterprise’s reach • New applications, digital services and business models • Cost savings from process automation • Increased precision from software controls • Informed decision making regarding physical assets • Real-time process optimization IoT technology is fundamentally changing how industries operate by making possible: The IoT will transform organizations and countries alike, stimulating economic expansions, boosting competitiveness and increasing productivity and growth in industries worldwide. #IoTSecurity Real-time optimization Improved asset utilization Reasoning and taking complex action Informed decision making by physical assets
Copyright © 2015 Accenture All rights reserved. 4 The IoT offers many industries significant new opportunities, but it also exposes them and their customers to a host of security issues: For the IoT to succeed, organizations and consumers need to believe that its benefits outweigh its risks. Today’s connected world presents new security issues *World Economic Forum, in collaboration with Accenture, “Industrial Internet of Things: Unleashing the Potential of Connected Products and Services” • Executives list cyber attack vulnerability as their most important IoT concern, followed closely by personal data breaches* • Previously secure closed systems now offer remote access and control, potentially enabling hostile parties to take control of appliances, machines, finances and identities • Press reports indicate hackers have already breached everything from major corporate databases to thousands of everyday consumer devices #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 5 What security issues do organizations face? IoT-based services (such as medical devices, control systems and vehicles) require continuity and high availability Operational security Privacy Digital identities Software patching Access management Time services Communication protocol diversity Valuable data require protection Many IoT devices lack human users who can install security updates Diverse protocols for IoT devices complicate security Many IoT devices depend on hard-coded access keys, making them vulnerable to attacks In the absence of universal standards, each implementation requires unique approaches to managing authentication and access Logging systems must identify events without relying on time-of-day data Securing the IoT requires new ways of thinking that can defend the enterprise and its customers against attackers and privacy abuses. #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 6 Understanding the IoT threats that applications, networks and devices face • Accessing passwords in plain text • Sending unencrypted confidential information enables eavesdropping • Social engineering attacks that trick users into revealing confidential information Attacks on applications Attacks on networks Attacks on devices • Exploiting vulnerabilities in protocols • Impersonating devices • Inserting rogue devices to gain unauthorized network access • Accessing error information to identify unmonitored information • Targeting end-user devices like TVs and household appliances, or industrial infrastructure such as supervisory control and data acquisition (SCADA) systems • Attacking devices that depend on hard-coded access keys ExamplesThreats • Household heating and power units • Malicious software loaded on point-of- sale terminals to steal credit card and payment information and cause financial, privacy and confidentiality issues • Medical devices, such as insulin pumps and defibrillators with embedded web servers connected to the Internet or hospital networks • Universal plug and play protocol vulnerability • Industrial control systems (SCADA) • Smart meters • Medical devices • Traffic flow sensors • Connected vehicle control systems #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 7 Many industrial control systems employ highly intricate and precise mechanisms that automate complex industrial processes Malicious programming could alter control settings and cause catastrophic failure. Exploring four security scenarios: #1 Industrial control systems Copyright © 2015 Accenture All rights reserved. 7 #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 8 Attacks on connected cars can affect on- board diagnostics and other systems such as the anti-lock brakes. Research firm IHS Automotive estimates that globally, 23 million cars are connected to the Internet in some capacity. By 2020 it expects that figure to rise to 152 million. Exploring four security scenarios: #2 Connected vehicles Copyright © 2015 Accenture All rights reserved. 8 *McCarthy, Niall. “Connected Cars bye the Numbers [Infographic].” Jan 27, 2015. http://www.forbes.com/sites/niallmccarthy/2015/01/27/connected-cars-by-the-numbers- infographic/ #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 9 Exploring four security scenarios: #3 Unmanned aerial vehicles Attacks on unmanned aerial vehicles (drones) could lead to intentional crashes or vehicle theft. Copyright © 2015 Accenture All rights reserved. 9 #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 10 The IoT has enabled the enterprise to connect with suppliers and customers intimately, providing retailers with more information about their consumers than ever – but what does this mean for consumer privacy? Exploring four security scenarios: #4 Connected retail Copyright © 2015 Accenture All rights reserved. 10 #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 11 Security call to action: Gauge security readiness #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 12 • Engineer trust into connected products—Apply secure-by-design principles to components • Adopt a new operational mindset—Continuously monitor the IoT’s operational and security health • Develop contextualized threat models—Incorporate key business goals, the underlying technical infrastructure, and potential threats that can disrupt the business into the models. • Apply mobile and cyber-physical system (CPS) security lessons— Consider the lessons learned in mobile and CPS arenas • Adopt privacy-by-design principles—Maintain access and authorization rights to data sets • Track and use emerging standards—Understand emerging standards and consider joining standards bodies • Continue to educate systems users—Improve recognition of and response to increasingly sophisticated attacks Getting started on the path to increased IoT security #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 13 Share best security practices through a global security commons Broad IoT actions for stakeholders Clarify and simplify data protection and liability policies Collaborate on long- term, strategic R&D to solve security challenges #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 14 #IoTSecurity www.accenture.com/securityIoT Join the conversation #IoTSecurity
Copyright © 2015 Accenture All rights reserved. 15 Contacts #IoTSecurity

Recommended

IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 
Internet of things security challenges
Internet of things security challengesInternet of things security challenges
Internet of things security challengesHadi Fadlallah
 
Fog computing
Fog computingFog computing
Fog computingHari Priyanka
 
fog computing ppt
fog computing ppt fog computing ppt
fog computing ppt sravya raju
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
 
FOG COMPUTING
FOG COMPUTINGFOG COMPUTING
FOG COMPUTINGSaisharan Amaravadhi
 
Introduction of Cloud computing
Introduction of Cloud computingIntroduction of Cloud computing
Introduction of Cloud computingRkrishna Mishra
 

Recommended

IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 
Internet of things security challenges
Internet of things security challengesInternet of things security challenges
Internet of things security challengesHadi Fadlallah
 
Fog computing
Fog computingFog computing
Fog computingHari Priyanka
 
fog computing ppt
fog computing ppt fog computing ppt
fog computing ppt sravya raju
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
 
FOG COMPUTING
FOG COMPUTINGFOG COMPUTING
FOG COMPUTINGSaisharan Amaravadhi
 
Introduction of Cloud computing
Introduction of Cloud computingIntroduction of Cloud computing
Introduction of Cloud computingRkrishna Mishra
 
Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Technology
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayAccenture Technology
 
Accenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Technology
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech CultureAccenture Technology
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech CultureAccenture Technology
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Technology
 
Highlights on the five key trends
Highlights on the five key trendsHighlights on the five key trends
Highlights on the five key trendsAccenture Technology
 
Helping you get back to the workplace confidently
Helping you get back to the workplace confidentlyHelping you get back to the workplace confidently
Helping you get back to the workplace confidentlyAccenture Technology
 
Driving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldDriving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldAccenture Technology
 
Accenture + Red Hat
Accenture + Red HatAccenture + Red Hat
Accenture + Red HatAccenture Technology
 
Accenture and Mercedes Case Study
Accenture and Mercedes Case StudyAccenture and Mercedes Case Study
Accenture and Mercedes Case StudyAccenture Technology
 
Accenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology
 
Accenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology
 
Accenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology
 
Accenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology
 
Elevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayElevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayAccenture Technology
 
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAutomating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAccenture Technology
 
Technology Vision for SAP 2019
Technology Vision for SAP 2019Technology Vision for SAP 2019
Technology Vision for SAP 2019Accenture Technology
 
Technology Vision 2019 for Workday
Technology Vision 2019 for WorkdayTechnology Vision 2019 for Workday
Technology Vision 2019 for WorkdayAccenture Technology
 
Accenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 

More Related Content

More from Accenture Technology

Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Technology
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayAccenture Technology
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Technology
 
Helping you get back to the workplace confidently
Helping you get back to the workplace confidentlyHelping you get back to the workplace confidently
Helping you get back to the workplace confidentlyAccenture Technology
 
Driving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldDriving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldAccenture Technology
 
Accenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology
 
Accenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology
 
Accenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology
 
Accenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology
 
Elevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayElevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayAccenture Technology
 
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAutomating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAccenture Technology
 
Technology Vision 2019 for Workday
Technology Vision 2019 for WorkdayTechnology Vision 2019 for Workday
Technology Vision 2019 for WorkdayAccenture Technology
 
Accenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology
 

More from Accenture Technology (20)

Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020Accenture Labs Innovation Stories 2020
Accenture Labs Innovation Stories 2020
 
Helping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + WorkdayHelping people to be ‘net better off’ with Accenture + Workday
Helping people to be ‘net better off’ with Accenture + Workday
 
Accenture Labs Innovation Stories
Accenture Labs Innovation StoriesAccenture Labs Innovation Stories
Accenture Labs Innovation Stories
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
 
Resetting Tech Culture
Resetting Tech CultureResetting Tech Culture
Resetting Tech Culture
 
Accenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP SolutionsAccenture Tech Vision 2020 for SAP Solutions
Accenture Tech Vision 2020 for SAP Solutions
 
Highlights on the five key trends
Highlights on the five key trendsHighlights on the five key trends
Highlights on the five key trends
 
Helping you get back to the workplace confidently
Helping you get back to the workplace confidentlyHelping you get back to the workplace confidently
Helping you get back to the workplace confidently
 
Driving Workday transformation in a virtual world
Driving Workday transformation in a virtual worldDriving Workday transformation in a virtual world
Driving Workday transformation in a virtual world
 
Accenture + Red Hat
Accenture + Red HatAccenture + Red Hat
Accenture + Red Hat
 
Accenture and Mercedes Case Study
Accenture and Mercedes Case StudyAccenture and Mercedes Case Study
Accenture and Mercedes Case Study
 
Accenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: InfographicAccenture Technology Vision 2020: Infographic
Accenture Technology Vision 2020: Infographic
 
Accenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: OverviewAccenture Technology Vision 2020: Overview
Accenture Technology Vision 2020: Overview
 
Accenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and MeAccenture Technology Vision 2020: AI and Me
Accenture Technology Vision 2020: AI and Me
 
Accenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNAAccenture Technology Vision 2020: Innovation DNA
Accenture Technology Vision 2020: Innovation DNA
 
Elevating the Workforce Experience with Workday
Elevating the Workforce Experience with WorkdayElevating the Workforce Experience with Workday
Elevating the Workforce Experience with Workday
 
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AGAutomating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
Automating HR Correspondence: Experiences in HR at ZF Friedrichshafen AG
 
Technology Vision for SAP 2019
Technology Vision for SAP 2019Technology Vision for SAP 2019
Technology Vision for SAP 2019
 
Technology Vision 2019 for Workday
Technology Vision 2019 for WorkdayTechnology Vision 2019 for Workday
Technology Vision 2019 for Workday
 
Accenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for PegaAccenture Technology Vision 2019 for Pega
Accenture Technology Vision 2019 for Pega
 

Recently uploaded

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 

Recently uploaded (20)

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 

Security for the Internet of Things: A Call to Action

  • 1. Security Call to Action: Preparing for the Internet of Things
  • 2. Copyright © 2015 Accenture All rights reserved. 2 The Internet of Things (IoT) is already here Many industries are now using the IoT, which integrates people, data and intelligent machines—to introduce new products and services, boost customer relationships and improve operations. #IoTSecurity
  • 3. Copyright © 2015 Accenture All rights reserved. 3 The IoT extends an enterprise’s reach • New applications, digital services and business models • Cost savings from process automation • Increased precision from software controls • Informed decision making regarding physical assets • Real-time process optimization IoT technology is fundamentally changing how industries operate by making possible: The IoT will transform organizations and countries alike, stimulating economic expansions, boosting competitiveness and increasing productivity and growth in industries worldwide. #IoTSecurity Real-time optimization Improved asset utilization Reasoning and taking complex action Informed decision making by physical assets
  • 4. Copyright © 2015 Accenture All rights reserved. 4 The IoT offers many industries significant new opportunities, but it also exposes them and their customers to a host of security issues: For the IoT to succeed, organizations and consumers need to believe that its benefits outweigh its risks. Today’s connected world presents new security issues *World Economic Forum, in collaboration with Accenture, “Industrial Internet of Things: Unleashing the Potential of Connected Products and Services” • Executives list cyber attack vulnerability as their most important IoT concern, followed closely by personal data breaches* • Previously secure closed systems now offer remote access and control, potentially enabling hostile parties to take control of appliances, machines, finances and identities • Press reports indicate hackers have already breached everything from major corporate databases to thousands of everyday consumer devices #IoTSecurity
  • 5. Copyright © 2015 Accenture All rights reserved. 5 What security issues do organizations face? IoT-based services (such as medical devices, control systems and vehicles) require continuity and high availability Operational security Privacy Digital identities Software patching Access management Time services Communication protocol diversity Valuable data require protection Many IoT devices lack human users who can install security updates Diverse protocols for IoT devices complicate security Many IoT devices depend on hard-coded access keys, making them vulnerable to attacks In the absence of universal standards, each implementation requires unique approaches to managing authentication and access Logging systems must identify events without relying on time-of-day data Securing the IoT requires new ways of thinking that can defend the enterprise and its customers against attackers and privacy abuses. #IoTSecurity
  • 6. Copyright © 2015 Accenture All rights reserved. 6 Understanding the IoT threats that applications, networks and devices face • Accessing passwords in plain text • Sending unencrypted confidential information enables eavesdropping • Social engineering attacks that trick users into revealing confidential information Attacks on applications Attacks on networks Attacks on devices • Exploiting vulnerabilities in protocols • Impersonating devices • Inserting rogue devices to gain unauthorized network access • Accessing error information to identify unmonitored information • Targeting end-user devices like TVs and household appliances, or industrial infrastructure such as supervisory control and data acquisition (SCADA) systems • Attacking devices that depend on hard-coded access keys ExamplesThreats • Household heating and power units • Malicious software loaded on point-of- sale terminals to steal credit card and payment information and cause financial, privacy and confidentiality issues • Medical devices, such as insulin pumps and defibrillators with embedded web servers connected to the Internet or hospital networks • Universal plug and play protocol vulnerability • Industrial control systems (SCADA) • Smart meters • Medical devices • Traffic flow sensors • Connected vehicle control systems #IoTSecurity
  • 7. Copyright © 2015 Accenture All rights reserved. 7 Many industrial control systems employ highly intricate and precise mechanisms that automate complex industrial processes Malicious programming could alter control settings and cause catastrophic failure. Exploring four security scenarios: #1 Industrial control systems Copyright © 2015 Accenture All rights reserved. 7 #IoTSecurity
  • 8. Copyright © 2015 Accenture All rights reserved. 8 Attacks on connected cars can affect on- board diagnostics and other systems such as the anti-lock brakes. Research firm IHS Automotive estimates that globally, 23 million cars are connected to the Internet in some capacity. By 2020 it expects that figure to rise to 152 million. Exploring four security scenarios: #2 Connected vehicles Copyright © 2015 Accenture All rights reserved. 8 *McCarthy, Niall. “Connected Cars bye the Numbers [Infographic].” Jan 27, 2015. http://www.forbes.com/sites/niallmccarthy/2015/01/27/connected-cars-by-the-numbers- infographic/ #IoTSecurity
  • 9. Copyright © 2015 Accenture All rights reserved. 9 Exploring four security scenarios: #3 Unmanned aerial vehicles Attacks on unmanned aerial vehicles (drones) could lead to intentional crashes or vehicle theft. Copyright © 2015 Accenture All rights reserved. 9 #IoTSecurity
  • 10. Copyright © 2015 Accenture All rights reserved. 10 The IoT has enabled the enterprise to connect with suppliers and customers intimately, providing retailers with more information about their consumers than ever – but what does this mean for consumer privacy? Exploring four security scenarios: #4 Connected retail Copyright © 2015 Accenture All rights reserved. 10 #IoTSecurity
  • 11. Copyright © 2015 Accenture All rights reserved. 11 Security call to action: Gauge security readiness #IoTSecurity
  • 12. Copyright © 2015 Accenture All rights reserved. 12 • Engineer trust into connected products—Apply secure-by-design principles to components • Adopt a new operational mindset—Continuously monitor the IoT’s operational and security health • Develop contextualized threat models—Incorporate key business goals, the underlying technical infrastructure, and potential threats that can disrupt the business into the models. • Apply mobile and cyber-physical system (CPS) security lessons— Consider the lessons learned in mobile and CPS arenas • Adopt privacy-by-design principles—Maintain access and authorization rights to data sets • Track and use emerging standards—Understand emerging standards and consider joining standards bodies • Continue to educate systems users—Improve recognition of and response to increasingly sophisticated attacks Getting started on the path to increased IoT security #IoTSecurity
  • 13. Copyright © 2015 Accenture All rights reserved. 13 Share best security practices through a global security commons Broad IoT actions for stakeholders Clarify and simplify data protection and liability policies Collaborate on long- term, strategic R&D to solve security challenges #IoTSecurity
  • 14. Copyright © 2015 Accenture All rights reserved. 14 #IoTSecurity www.accenture.com/securityIoT Join the conversation #IoTSecurity
  • 15. Copyright © 2015 Accenture All rights reserved. 15 Contacts #IoTSecurity