Confidence in IoT security is not high

March 3, 2018

IoT

Organizations seem to be questioning the security of IoT devices. This will ultimately slow the adoption of such devices within the enterprise. There is an article on Help Net Security that speaks to how your IoT strategy may just be creating security holes. I think it's more than just the strategy itself. There are IoT companies out there that just don't take security seriously and leave it up to the users/organizations to ultimately secure the devices.

While IoT devices can empower an organization, they need to be put in place with careful planning and sometimes special considerations.

Here are some of the topics of interest in the article:

  • Security concerns cited as top barrier to increased IoT adoption
  • Security concerns cited as top barrier to increased IoT adoption
  • Disparity between IoT use and security
  • Most have already experienced an IoT-related security incident
  • Lack of patching policies and procedures
  • Insufficient risk assessment for third-party partners and testing of IoT vendors
  • Confidence in IoT security is not high
  • While all of the above are great topics for discussion, I don't believe that they are total show stoppers. We always need to do our homework and get security involved when implementing anything new. Additionally, there are many items above that may seem daunting, however, every one of these can be overcome with creativity, proper planning, and proper implementation.

    Reach out to AgileSecOps if you need help implementing a proper IoT strategy.


    The need to integrate Security with Operations

    Mar 3, 2018

    A recent Help Net Security article that claims that only 35% of companies they surveyed actually conduct SecOps. This is heartbreaking when more than half of companies (52 percent) admit to cutting back on security measures to meet a business deadline or objective.

    This information comes from a survey of over 200 senior-level operations and security professionals conducted by Threat Stack.

    Further evidence shows that companies are sacrificing security for speed, researchers found that 68 percent of companies say their CEO demands DevOps and security teams not do anything that slows the business down.

    This isn't the time to be operating in this manner. Security needs to integrate themselves with the rest of the company. Get out of your silo and sit next to DevOps, developers, and the rest of the IT Team. Integrate yourself, empower, and help other teams drive secure solutions to market.

    Reach out to AgileSecOps as we would be more than happy to help with the realignment of your organization. AgileSecOps can start by performing a quick evaluation of the effectiveness of your Security Team.